cairo-vulnerability-scanner
by trailofbits
cairo-vulnerability-scanner scans Cairo/StarkNet smart contracts for six critical issues, including felt252 arithmetic errors, L1-L2 messaging flaws, address conversion bugs, and signature replay. Use this cairo-vulnerability-scanner skill for Security Audit reviews of StarkNet contracts.
This skill scores 78/100, which means it is a solid listing candidate for directory users who need a Cairo/StarkNet-specific audit workflow. The repository provides enough concrete vulnerability patterns and usage cues to help an agent trigger and apply it with less guesswork than a generic security prompt, though it would still benefit from stronger onboarding and execution guidance.
- Explicit use cases for auditing StarkNet/Cairo contracts, L1-L2 bridges, signature verification, and L1 handlers make it easy to trigger appropriately.
- The body is substantial and structured, with 6 named vulnerability patterns and checklist-style detection guidance that gives agents actionable leverage.
- Repository evidence includes code fences, repo/file references, and a dedicated resources file of vulnerability patterns, which improves operational clarity and trustworthiness.
- No install command or setup instructions are present, so directory users must infer how to activate or integrate the skill.
- Support material is limited to one resource file and no scripts/tests, so the workflow may be less complete for edge cases or automation-heavy use.
Overview of cairo-vulnerability-scanner skill
What cairo-vulnerability-scanner does
The cairo-vulnerability-scanner skill helps you review Cairo/StarkNet contracts for platform-specific security issues that are easy to miss in a generic Solidity-style audit. It focuses on six critical patterns, including felt252 arithmetic mistakes, L1-L2 messaging risks, address conversion problems, and signature replay.
Who should use it
Use the cairo-vulnerability-scanner skill if you are doing a Security Audit for StarkNet apps, bridge code, or Cairo contract logic. It is most useful when you already have contract files and want a targeted first-pass vulnerability review before deeper manual analysis.
What makes it different
The value is not just “scan for bugs,” but “scan for Cairo-specific bugs.” That matters because many failures in this ecosystem come from type choices, cross-layer assumptions, and handler logic rather than obvious reentrancy or generic access-control issues. The skill is strongest when you want a fast, structured checklist for known Cairo risk patterns.
How to Use cairo-vulnerability-scanner skill
Install and point it at the right scope
Use the cairo-vulnerability-scanner install flow in the Trail of Bits skills package, then apply it to the repository or contract subset you actually want reviewed. The primary input should be Cairo source, especially .cairo files, plus any bridge, handler, or signature-verification modules tied to StarkNet behavior.
Give it a security-review prompt, not a vague task
A strong prompt names the contract area, the trust boundaries, and the concern. For example: “Audit this Cairo StarkNet module for L1 handler misuse, felt252 arithmetic issues, and signature replay risk. Focus on externally reachable functions and message validation.” That works better than “check for vulnerabilities” because it steers the scan toward the six intended patterns.
Read these files first
Start with SKILL.md for the intended workflow, then inspect resources/VULNERABILITY_PATTERNS.md for the concrete detection logic and mitigation notes. If the repository has only one support file, that is the one to read before you run the skill on real code.
Use a narrow workflow
Begin with the contract entry points: external functions, constructors, and #[l1_handler] functions. Then review arithmetic on balances, conversions between felt252, ContractAddress, and EthAddress, and any logic that accepts messages or signatures from outside the contract. This order matches how cairo-vulnerability-scanner is designed to find high-value issues quickly.
cairo-vulnerability-scanner skill FAQ
Is this for all smart contracts?
No. The cairo-vulnerability-scanner skill is for Cairo and StarkNet contracts, not generic EVM audits. If your codebase is mostly Solidity or Rust off-chain services, the skill will add little value.
Do I need to know Cairo well first?
Basic familiarity helps, but the skill is still useful for beginners who need a guided Security Audit starting point. It is especially helpful when you know the application flow but need help checking Cairo-specific failure modes.
How is this different from a normal prompt?
A normal prompt often finds surface-level issues. The cairo-vulnerability-scanner skill gives you a repeatable review frame for known StarkNet weaknesses, which reduces missed cases and makes the audit output easier to compare across contracts.
When should I not use it?
Do not use it as your only review method for a production launch, and do not use it when the repository has no Cairo contracts. It is a focused scanner, not a full formal verification or threat-modeling replacement.
How to Improve cairo-vulnerability-scanner skill
Provide the contract context that changes the audit
The best inputs name the contract role, the asset at risk, and the cross-layer path. For example: “This bridge deposit contract receives L1 messages and mints on StarkNet; check for replay, address conversion, and handler validation.” That is far stronger than listing files alone because it tells the skill which vulnerability patterns matter most.
Mention the exact data types and trust assumptions
Results improve when you include the types and invariants that drive Cairo bugs: felt252 math, balance storage, u256 conversion, ContractAddress handling, and any signature scheme. If the contract expects monotonic nonces, message uniqueness, or bounded amounts, say so explicitly.
Iterate on the first findings
If the first pass returns suspicious arithmetic or message handling, ask for a second pass that drills into only those locations and requests exploit paths, not just observations. For example: “Review these two functions for replay or underflow exploitability and suggest the minimal fix.” That usually produces more actionable results than rerunning the full scan unchanged.
Feed it the right repo slice
You will get better output by isolating the relevant .cairo files than by sending an entire monorepo with mixed languages. For a Security Audit with cairo-vulnerability-scanner, the highest-signal inputs are contract files, handler modules, and any helper code that transforms addresses, signatures, or cross-layer payloads.
