Loading...
Loading...
Found 9 Skills
[AUTO-INVOKE] MUST be invoked BEFORE deploying DeFi contracts (DEX, lending, staking, LP, token). Covers anti-whale, anti-MEV, flash loan protection, launch checklists, and emergency response. Trigger: any deployment or security review of DeFi-related contracts.
Guides DeFi protocol security review and rug-risk assessment from public chain data, verified source, and historical patterns—covering EVM and Solana-style deployments, liquidity and tokenomics, governance centralization, bridges, exploit pattern matching, and evidence-structured audit reports. Use when the user asks for a DeFi security audit, rug risk analysis, contract vulnerability triage, LP lock verification, governance or upgrade risk, or cross-chain bridge review from observable data only.
Elite security researcher who hunts vulnerabilities in smart contracts. Has found critical bugs worth millions in TVL. Specializes in reentrancy, access control, oracle manipulation, and economic exploits across EVM and Solana.Use when "audit, security review, vulnerability, exploit, reentrancy, access control, oracle manipulation, flash loan attack, smart contract security, slither, mythril, formal verification, invariant testing, security, audit, smart-contracts, solidity, vulnerabilities, defi, exploits, reentrancy, access-control, oracle-manipulation" mentioned.
DeFi attack pattern playbook. Use when analyzing flash loan attacks, price oracle manipulation, MEV sandwich attacks, governance exploits, bridge vulnerabilities, and token standard edge cases in decentralized finance protocols.
Guides discovery and documentation of Solana DeFi protocol risks from public code and chain state—Anchor/native programs, PDAs, CPIs, oracles, pools, SPL mechanics, and historical tx reconstruction. Use when the user asks for Solana program security review, DeFi vulnerability triage, PDA or CPI safety, oracle or liquidity-pool risk, launchpad/bonding-curve issues, or evidence-backed severity findings without exploits or private keys.
Master smart contract security best practices, vulnerability prevention, and secure Solidity development patterns.
Points to Christoph Michel’s (cmichel.io) long-form guide on becoming a smart contract security auditor—EVM-centric learning path, CTFs, canonical DeFi contracts, finance basics, and an FAQ (tools, scoping, compensation). Use when the user asks how to start in Solidity/EVM auditing or cites this article—not as current salary data, job placement advice, or a substitute for hands-on practice and primary documentation.
Early rug-risk triage for token launches and small DeFi deployments from public data—liquidity lock and pool events, dev and sniper wallet clustering, contract authority and transfer-risk checks, coordinated exits, and evidence-backed risk scores. Use when the user asks for rug pull detection, pump-and-dump signals, launch red flags, LP removal forensics, or cross-chain profit exit tracing—not for front-running trades, harassing teams, or certifying scams without on-chain proof.
Mitigation patterns for privileged-access and governance-adjacent DeFi failures, anchored on the public Drift Protocol incident analysis in Chainalysis’s blog—social engineering, Solana durable nonces, oracle and collateral abuse, multisig governance, and operational monitoring. Use when hardening signer processes, reviewing admin surfaces, or teaching post-incident lessons—not for designing exploits or attributing actors without evidence.