Solidity Auditor Skills

March 24, 2026

AI-powered Solidity security skills for EVM systems, with expanded coverage for DeFi, account abstraction, proxies, signatures, bridges, and execution-layer edge cases.

This fork explicitly builds on pashov/skills v2, extending the upstream Solidity workflow with additional EVM vectors and repo-specific coverage.

Supported AI Platforms: Claude Code, Cursor, Codex, GitHub Copilot, Windsurf


Install, Run & Update Prompts

  • Install https://github.com/sanbir/solidity-auditor-skills/ and run solidity-auditor with all different agents possible on the codebase
  • run the solidity-auditor skill with all the different agents possible on *specified files*
  • update skill to latest version

What This Repo Focuses On

This repo is for Solidity and EVM security review.

It is tuned for vulnerabilities that show up in real EVM systems and are easy to miss in generic code review:

  • authorization and role boundary mistakes
  • proxy, initializer, and storage-layout hazards
  • reentrancy across functions, contracts, hooks, and callbacks
  • signature, permit, and replay bugs
  • oracle, bridge, and cross-chain assumptions
  • MEV, slippage, liquidation, and rounding exploits in DeFi protocols
  • non-standard token integration quirks
  • low-level call, returndata, gas-griefing, and execution-order issues

The v3 refresh adopts the pashov-skills v2 8-agent architecture (vector-scan, math-precision, access-control, economic-security, execution-trace, invariant, periphery, first-principles) and merges new attack vectors from upstream while keeping this repo deduplicated and EVM-specific.

Skills

Skill | Description
solidity-auditor | 8 specialized parallel agents (328 vectors) for Solidity security with broad EVM, DeFi, proxy, signature, bridge, and token-integration coverage.

Contributing · Security · License · Contact

We welcome improvements and fixes. See CONTRIBUTING.md for the PR process.

Report vulnerabilities via Security Policy. This project follows the Code of Conduct. MIT © contributors.

If you are securing Solidity systems and want to discuss improvements, open an issue or reach out via the maintainer profile on GitHub.