Asi cairo-vulnerability-scanner
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects. (project, gitignored)
git clone https://github.com/plurigrid/asi
T=$(mktemp -d) && git clone --depth=1 https://github.com/plurigrid/asi "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/cairo-vulnerability-scanner" ~/.claude/skills/plurigrid-asi-cairo-vulnerability-scanner-8e9608 && rm -rf "$T"
skills/cairo-vulnerability-scanner/SKILL.mdCairo Vulnerability Scanner Skill
Trit: -1 (MINUS) Category: building-secure-contracts Author: Trail of Bits Source: trailofbits/skills License: AGPL-3.0
Description
Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, address conversion problems, and signature replay. Use when auditing StarkNet projects. (project, gitignored)
When to Use
This is a Trail of Bits security skill. Refer to the original repository for detailed usage guidelines and examples.
See: https://github.com/trailofbits/skills
Related Skills
- audit-context-building
- codeql
- semgrep
- variant-analysis
SDF Interleaving
This skill connects to Software Design for Flexibility (Hanson & Sussman, 2021):
Primary Chapter: 3. Variations on an Arithmetic Theme
Concepts: generic arithmetic, coercion, symbolic, numeric
GF(3) Balanced Triad
cairo-vulnerability-scanner (+) + SDF.Ch3 (○) + [balancer] (−) = 0
Skill Trit: 1 (PLUS - generation)
Connection Pattern
Generic arithmetic crosses type boundaries. This skill handles heterogeneous data.