Solidity Auditor

🌐Community
by schwepps · vlatest · Repository

This Solidity Auditor analyzes smart contracts for vulnerabilities, helping developers build more secure and reliable decentralized applications.

Install on your platform


1. Run in terminal (recommended)

claude mcp add solidity-auditor npx -- -y @trustedskills/solidity-auditor

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "solidity-auditor": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/solidity-auditor"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This Solidity Auditor skill analyzes smart contracts written in Solidity to identify potential vulnerabilities and areas for improvement. It performs audits based on user requests, covering security vulnerabilities, gas optimization, storage patterns, and code architecture. The audit process adapts to the Solidity version used by the contract under analysis and takes version-specific issues into account.

When to use it

  • Before deploying a new smart contract to ensure its security.
  • When performing routine maintenance on existing smart contracts.
  • To identify gas optimization opportunities and reduce transaction costs.
  • To review the architecture of a smart contract for potential design flaws.
  • Specifically when auditing DeFi protocols, which require both security and architectural reviews.

Key capabilities

  • Audit Type Selection: Determines audit type based on user request (Full Audit, Security Focused, Gas Optimization, Storage Optimization, Architecture Review, or DeFi Protocol).
  • Solidity Version Awareness: Considers version-specific vulnerabilities (e.g., SafeMath usage for pre-0.8.0 contracts, unchecked blocks for 0.8.0+).
  • Static Analysis: Performs mental checks using a security checklist to identify potential issues like access control problems and arithmetic errors.
  • Vulnerability Assessment: Evaluates vulnerabilities based on severity (Critical, High, Medium) referencing OWASP standards.
  • Optimization Analysis: Provides recommendations for gas and storage optimization when requested.
  • Report Generation: Structures findings using a predefined report template.

Example prompts

  • "Perform a full audit of this smart contract."
  • "Can you perform a security-focused audit, looking for common vulnerabilities?"
  • "Analyze this contract for gas optimization opportunities."
  • "Review the architecture of this DeFi protocol."

Tips & gotchas

  • Providing context about the smart contract's purpose, deployment chain(s), and expected user flows will improve the quality of the audit.
  • The skill adapts to Solidity version specifics; ensure the correct version is identified during analysis.
  • The auditor utilizes mental checks based on established patterns and references, so it’s not a fully automated tool.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

  • Gen Agent Trust Hub: Pass
  • Socket: Pass
  • Snyk: Pass

Details

  • Version: vlatest
  • License:
  • Author: schwepps
  • Installs: 67

Passed automated security scans.