Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.
Overall score: 81
Does it follow best practices? 58%
Impact: 96%
Impact multiplier: 1.00x
Average score across 6 eval scenarios
Advisory: Suggest reviewing before use
Optimize this skill with Tessl: npx tessl skill review --optimize ./plugins/blockchain-web3/skills/solidity-security/SKILL.md

Eval scenario: Reentrancy prevention and access control
CEI or ReentrancyGuard: 100% / 100%
External call ordering: 100% / 100%
OpenZeppelin ReentrancyGuard import: 100% / 100%
Access control on admin functions: 100% / 100%
Ownable or role modifier: 100% / 100%
Zero-amount validation: 100% / 100%
Zero-address validation: 100% / 100%
Return value checked: 100% / 100%
Events emitted: 100% / 100%
No tx.origin auth: 100% / 100%
Pinned pragma: 0% / 0%
NatSpec documentation: 100% / 100%
Eval scenario: Gas optimization patterns
uint256 for solo variables: 100% / 100%
Storage variable packing: 100% / 100%
Slot grouping comment or ordering: 100% / 100%
calldata for read-only arrays: 100% / 100%
No memory for unmodified params: 100% / 100%
Events for off-chain data: 100% / 100%
No redundant storage writes: 100% / 100%
Pinned pragma: 0% / 0%
No tx.origin auth: 100% / 100%
Solidity 0.8+ version: 100% / 100%
Eval scenario: Secure payment distribution and front-running mitigation
Pull pattern for payments: 100% / 100%
No push distribution loop: 100% / 100%
Emergency stop (Pausable): 100% / 100%
Pause restricted to admin: 100% / 100%
Commit-reveal or slippage guard: 83% / 75%
No tx.origin auth: 100% / 100%
Zero-address validation: 100% / 100%
Zero-amount validation: 100% / 100%
Return value of ETH transfer checked: 100% / 100%
CEI in withdraw function: 100% / 100%
Pinned pragma: 0% / 0%
Eval scenario: SafeMath and legacy Solidity arithmetic safety
SafeMath import: 75% / 50%
SafeMath applied to uint256: 100% / 100%
Safe arithmetic methods used: 100% / 100%
Pragma pinned to 0.7.x: 100% / 100%
No raw arithmetic on financial variables: 100% / 100%
CEI pattern in transfer/withdraw: 100% / 100%
Access control on privileged functions: 100% / 100%
No tx.origin usage: 100% / 100%
Zero-address validation: 100% / 100%
Events emitted for transfers: 100% / 100%
Eval scenario: Audit preparation and NatSpec documentation
@title annotation: 100% / 100%
@notice annotation: 100% / 100%
@dev annotation on function: 100% / 100%
@param annotation on function: 100% / 100%
No hardcoded external addresses: 100% / 100%
Access control on address setters: 100% / 100%
Events for state changes: 100% / 100%
CEI pattern: 100% / 100%
ReentrancyGuard or nonReentrant: 100% / 100%
Input validation: 100% / 100%
No tx.origin usage: 100% / 100%
Eval scenario: Hardhat security test suite
Reentrancy attacker contract: 100% / 100%
Reentrancy test case: 91% / 100%
Overflow/underflow test case: 100% / 100%
Access control test case: 100% / 100%
ethers.getSigners() usage: 100% / 100%
expect revertedWith pattern: 100% / 100%
describe/it structure: 100% / 100%
ContractFactory deploy pattern: 100% / 100%
Hardhat config file: 100% / 100%
package.json with dependencies: 100% / 100%
70444e5