100
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill scalus3/scalus --skill smart-contract-security-review- SKILL.md9.6 KB
Overview
This skill performs a security review of Scalus/Cardano smart contracts by analyzing @Compile-annotated validators and related on-chain code. It detects common vulnerabilities such as redirect attacks, missing token verification, inexact value checks, integer overflows, and self-dealing. Use it to verify exploitability before deploying validators or when /security-review is invoked. The tool requires an explicit path argument to target the repository code.
How this skill works
The review discovers on-chain code by locating @Compile annotations, classes extending Validator variants, and explicit Plutus.compile calls. It classifies each validator, runs a checklist of vulnerability patterns, and attempts concrete attack transaction traces to verify exploitability. Only verified issues are reported with file:line locations and suggested fixes, and interactive remediation steps are provided to apply or decline fixes.
When to use it
- Before deploying any validator to mainnet
- When merging PRs that add or modify on-chain logic
- If /security-review endpoint is invoked by CI or a reviewer
- During security audits of dApp contract bundles
- When adding parameterized or multi-purpose validators
Best practices
- Always provide the repository path argument so discovery targets only intended files
- Trace a concrete attack transaction for every flagged pattern before reporting
- Prioritize fixing Critical and High severity verified issues first
- Write unit tests that reproduce exploit traces when verification is uncertain
- Use precise equality (===) for token and ADA checks and bounds-check index accesses
- Log remediation decisions (fixed/declined/false positive) and re-run sbtn quick to verify builds
Example use cases
- Scan a repository path to find all @Compile objects and list validator types
- Detect missing state token checks that would allow token theft and propose a fix
- Verify an alleged double-satisfaction attack by constructing and tracing a concrete attack tx
- Check index usages (.at(idx)) across validators and flag missing bounds checks
- Run an interactive remediation session to apply fixes, compile, and produce a summary report
FAQ
Provide the project root path that contains Scala sources. The tool uses that path to grep @Compile, extends Validator, and Plutus.compile calls.
Will the tool report every pattern match as a vulnerability?
No. Every potential issue must be verified by tracing a concrete attack transaction. Only issues that pass all require() checks in the trace are reported.
Can I automate this in CI?
Yes. Invoke the review with the repo path in CI. Configure it to fail on verified Critical/High findings and to produce the interactive report artifacts.