solidity-security
by wshobsonMaster smart contract security best practices to prevent vulnerabilities and implement secure Solidity patterns. Ideal for developers, auditors, and teams building or reviewing Ethereum smart contracts and DeFi protocols.
Overview
What is solidity-security?
solidity-security is a specialized skill for mastering smart contract security on Ethereum and other EVM-compatible blockchains. It provides actionable guidance on preventing common vulnerabilities, implementing secure Solidity patterns, and preparing contracts for professional audits. This skill is essential for developers, auditors, and blockchain teams who need to ensure the safety and reliability of their smart contracts, especially in DeFi and high-value applications.
Who should use this skill?
- Solidity developers writing new smart contracts
- Security auditors reviewing existing contracts
- DeFi protocol engineers
- Blockchain teams preparing for external audits
- Anyone responsible for smart contract security and best practices
Problems solved
- Identifies and prevents critical vulnerabilities like reentrancy, integer overflow/underflow, and access control issues
- Guides on secure coding patterns and best practices
- Helps optimize gas usage without sacrificing security
- Prepares contracts for audit-readiness and compliance
How to Use
Installation Steps
-
Add the skill to your agent or project with:
npx skills add https://github.com/wshobson/agents --skill solidity-security -
Start by reviewing the
SKILL.mdfile for a high-level overview of security topics and recommended practices. -
Explore related files such as
README.md,AGENTS.md, and anyrules/,resources/, orreferences/folders for deeper context and implementation details.
Adapting to Your Workflow
- Integrate the security checks and patterns into your smart contract development lifecycle.
- Use the provided examples to refactor vulnerable code and adopt secure patterns (e.g., Checks-Effects-Interactions for reentrancy prevention).
- Reference the skill when conducting internal audits or preparing for third-party reviews.
When to Use solidity-security
- During initial smart contract development to avoid introducing vulnerabilities
- When auditing or refactoring legacy contracts
- Before deploying contracts to mainnet or public testnets
- As part of continuous integration and security review processes
FAQ
What vulnerabilities does solidity-security help prevent?
solidity-security addresses critical issues such as reentrancy, integer overflow/underflow, access control flaws, and other common attack vectors in Solidity smart contracts.
Is this skill only for Ethereum?
While focused on Solidity and the Ethereum Virtual Machine (EVM), the security principles apply to any EVM-compatible blockchain (e.g., Polygon, Binance Smart Chain).
Where should I start after installing?
Begin with the SKILL.md file for a structured overview. Then, review code examples and adapt secure patterns to your own contracts.
Can I use this skill for DeFi protocols?
Yes. solidity-security is especially relevant for DeFi projects, where security risks and attack surfaces are significant.
How do I get the most out of solidity-security?
Regularly update your knowledge of best practices, integrate security checks into your workflow, and use the skill as a reference during development and audits. For advanced needs, supplement with external audits and formal verification tools.