solidity-security

Master smart contract security best practices to prevent common vulnerabilities and implement secure Solidity patterns. Use when writing smart contracts, auditing existing contracts, or implementing security measures for blockchain applications.

Install with Tessl CLI

npx tessl i github:wshobson/agents --skill solidity-security

What are skills?

Review — 73%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Evaluation — 94%

Agent success when using this skill

Validation — 10 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

95%

ETH Vault for DeFi Protocol

Reentrancy prevention and access control

Criteria

Without context

With context

CEI or ReentrancyGuard

100%

External call ordering

100%

OpenZeppelin ReentrancyGuard import

100%

Access control on admin functions

100%

Ownable or role modifier

100%

Zero-amount validation

100%

Zero-address validation

100%

Return value checked

100%

Events emitted

100%

No tx.origin auth

100%

Pinned pragma

NatSpec documentation

100%

Without context: $0.1891 · 1m · 7 turns · 56 in / 3,781 out tokens

With context: $0.5733 · 2m 36s · 14 turns · 256 in / 10,405 out tokens

95%

On-Chain Player Registry for Blockchain Game

Gas optimization patterns

Criteria

Without context

With context

uint256 for solo variables

100%

Storage variable packing

100%

Slot grouping comment or ordering

100%

calldata for read-only arrays

100%

No memory for unmodified params

100%

Events for off-chain data

100%

No redundant storage writes

100%

Pinned pragma

No tx.origin auth

100%

Solidity 0.8+ version

100%

Without context: $0.2386 · 1m 14s · 10 turns · 10 in / 4,073 out tokens

With context: $0.7821 · 3m 16s · 24 turns · 22 in / 11,543 out tokens

93%

Revenue Sharing Contract for Creator DAO

Secure payment distribution and front-running mitigation

Criteria

Without context

With context

Pull pattern for payments

100%

No push distribution loop

100%

Emergency stop (Pausable)

100%

Pause restricted to admin

100%

Commit-reveal or slippage guard

75%

83%

No tx.origin auth

100%

Zero-address validation

100%

Zero-amount validation

100%

Return value of ETH transfer checked

100%

CEI in withdraw function

100%

Pinned pragma

Without context: $0.3067 · 1m 26s · 13 turns · 13 in / 4,587 out tokens

With context: $0.8005 · 3m 53s · 20 turns · 302 in / 13,587 out tokens

Evaluated: 2 days ago
Agent: Claude Code

Table of Contents

ETH Vault for DeFi Protocol On-Chain Player Registry for Blockchain Game Revenue Sharing Contract for Creator DAO

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.