Skip to main content

cairo-vulnerability-scanner

cairo-vulnerability-scanner

Catalogue généré le 2026-05-11

En une phrase

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay.

Quand l'utiliser

  • Use when auditing StarkNet projects.

Comment l'invoquer

  • Slash command : /cairo-vulnerability-scanner (si exposé dans ton CLI)
  • Phrases déclencheurs : voir la description complète ci-dessous
  • Auto-invocation : sur demande explicite

Description complète

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects.

Pour aller plus loin

Cairo/StarkNet Vulnerability Scanner

1. Purpose

Systematically scan Cairo smart contracts on StarkNet for platform-specific security vulnerabilities related to arithmetic, cross-layer messaging, and cryptographic operations. This skill encodes 6 critical vulnerability patterns unique to Cairo/StarkNet ecosystem.

2. When to Use This Skill

  • Auditing StarkNet smart contracts (Cairo)
  • Reviewing L1-L2 bridge implementations
  • Pre-launch security assessment of StarkNet applications
  • Validating cross-layer message handling
  • Reviewing signature verification logic
  • Assessing L1 handler functions

3. Platform Detection

File Extensions & Indicators

  • Cairo files: .cairo

Language/Framework Markers

Project Structure

  • src/contract.cairo - Main contract implementation
  • src/lib.cairo - Library modules
  • tests/ - Contract tests
  • Scarb.toml - Cairo project configuration

(extrait — voir le SKILL.md complet pour la suite)

Source

  • Plugin : trailofbits/building-secure-contracts
  • Nom interne : cairo-vulnerability-scanner
  • Fichier : /home/thymon/.claude/plugins/cache/trailofbits/building-secure-contracts/1.0.1/skills/cairo-vulnerability-scanner/SKILL.md