CtrlK
BlogDocsLog inGet started
Tessl Logo

solidity-security

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.

78

1.00x
Quality

Does it follow best practices?

Impact

94%

1.00x

Average score across 3 eval scenarios

SecuritybySnyk

Advisory

Suggest reviewing before use

SKILL.md
Quality
Evals
Security

Quality

Content

42%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

The content is highly actionable with complete code but fails badly on token efficiency by explaining fundamentals Claude knows and on progressive disclosure, since it is monolithic and references bundle files that are missing. Workflow clarity is adequate but lacks validation checkpoints.

Suggestions

Move the detailed vulnerable/secure code pairs into references/ files and keep SKILL.md as a concise overview with one representative example per topic — and create the referenced bundle files so navigation is not broken.

Cut conceptual restatement (e.g. what reentrancy is, why uint256 packs slots) since Claude already knows Solidity; keep only non-obvious patterns and the security checklist.

Add an explicit audit workflow with validation steps (run Slither, fix findings, re-run until clean) so the multi-step process has clear checkpoints.

DimensionReasoningScore

Conciseness

The 500-line body restates well-known Solidity concepts (reentrancy, overflow, Checks-Effects-Interactions, gas packing) Claude already knows, with redundant vulnerable/secure pairs and tutorial-style prose; far exceeds token efficiency expectations.

1 / 3

Actionability

Provides complete, executable Solidity snippets with concrete secure patterns, plus runnable Hardhat test code and named tooling (Slither, Mythril, Echidna).

3 / 3

Workflow Clarity

Sections are organized and a checklist exists, but there is no sequenced workflow with validation checkpoints for the auditing task; the 'Testing for Security' block has tests but no validate-fix-retry loop for batch/destructive operations.

2 / 3

Progressive Disclosure

Body is a monolithic wall of inline tutorial content; it lists references/ scripts/ assets/ that do not exist on disk, so navigation is broken and there is no real split of detail into one-level-deep files.

1 / 3

Total

7

/

12

Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is specific, third-person, and clearly establishes a niche with an explicit 'Use when' clause covering multiple natural trigger phrases. It answers both what and when without padding.

DimensionReasoningScore

Specificity

Lists concrete actions — 'writing smart contracts, auditing existing contracts, or implementing security measures' — matching the multi-action anchor.

3 / 3

Completeness

Explicitly answers both what ('Master smart contract security best practices...') and when ('Use when writing smart contracts, auditing existing contracts...').

3 / 3

Trigger Term Quality

Natural trigger terms users would say ('writing smart contracts', 'auditing existing contracts', 'blockchain applications') with good coverage of common phrasings.

3 / 3

Distinctiveness Conflict Risk

Clear Solidity/blockchain-security niche with distinct triggers; unlikely to collide with unrelated skills.

3 / 3

Total

12

/

12

Passed

Validation

87%

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation14 / 16 Passed

Validation for skill structure

CriteriaDescriptionResult

skill_md_line_count

SKILL.md is long (526 lines); consider splitting into references/ and linking

Warning

referenced_paths_exist

Referenced path issues: 8 missing

Warning

Total

14

/

16

Passed

Repository
Dicklesworthstone/pi_agent_rust
Reviewed

Table of Contents

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.