Smart Contract Auditor
Reviews Solidity and Vyper smart contracts for security vulnerabilities, gas optimization opportunities, and best practice compliance following industry audit standards.
Install
Claude Code
Copy the SKILL.md file to your project's .claude/skills/ directory
About This Skill
Smart Contract Auditor performs comprehensive security reviews of Solidity and Vyper smart contracts. It checks for known vulnerability patterns, gas inefficiencies, and deviations from best practices — producing structured audit reports with severity ratings and remediation guidance.
How It Works
- Code ingestion — Reads Solidity/Vyper source files including imported dependencies and interfaces
- Vulnerability scanning — Checks for reentrancy, integer overflow/underflow, unchecked external calls, front-running risks, and access control issues
- Gas analysis — Identifies gas-heavy patterns (storage reads in loops, redundant SLOADs, unoptimized data types)
- Standard compliance — Verifies ERC standard implementations for missing functions, incorrect return values, or event emissions
- Report generation — Produces a findings report categorized by severity (Critical, High, Medium, Low, Informational)
Best For
- DeFi teams preparing contracts for professional audit
- Developers doing self-review before submitting to audit firms
- Educational review of smart contract security patterns
- Quick security checks on forked or modified protocol code
Scope and Limitations
This is a static analysis tool that catches common vulnerability patterns. It does not replace a professional audit from firms like Trail of Bits, OpenZeppelin, or Consensys Diligence. Complex business logic vulnerabilities, economic exploits, and cross-contract interaction risks require human expert analysis.
Use Cases
- Pre-audit review of DeFi protocol smart contracts
- Identifying reentrancy, overflow, and access control vulnerabilities
- Gas optimization analysis for frequently called functions
- Checking ERC-20/ERC-721/ERC-1155 standard compliance
- Reviewing upgrade proxy patterns for storage collision risks
Pros & Cons
Pros
- Covers major Solidity vulnerability categories
- Gas optimization suggestions for cost reduction
- Structured severity-rated audit reports
- ERC standard compliance verification
Cons
- Static analysis only — cannot catch all runtime vulnerabilities
- Does not replace professional audit firms for mainnet deployments
- Complex cross-contract and economic exploits require human expert review