building-secure-contracts
A collection of 11 skills for smart contract security across Algorand, Cairo, Cosmos, Solana, Substrate, and TON.
What This Skill Does
The skills cover platform-specific vulnerability scanning and development guidance based on Trail of Bits' Building Secure Contracts framework.
Rather than manually cross-referencing Trail of Bits' published vulnerability catalogs and checklists across six blockchain platforms, each skill surfaces the relevant patterns and guidance directly for the codebase you're working in.
When to use it
- Scanning a Solana/Anchor program for missing ownership checks and signer authorization issues
- Checking ERC20 token implementations for non-standard behaviors like fee-on-transfer or rebasing
- Preparing a smart contract codebase for a third-party security audit with a structured checklist
- Evaluating a Substrate pallet for BadOrigin handling and unsigned transaction validation
- Scoring a contract's code maturity across 9 categories before a major deployment
