Cosmos Vulnerability Scanner

Spouští parallel Cosmos SDK / CosmWasm scanners pro chain-halt a fund-loss bugs across 54 documented patterns.

od trailofbits · trailofbits/skills

Otestováno · Funguje ★ 9.2/10

Cosmos Vulnerability Scanner — Spouští parallel Cosmos SDK / CosmWasm scanners pro chain-halt a fund-loss bugs across 54 documented patterns.

Co umí

Spouští structured multi-agent security scan of Cosmos SDK modules a CosmWasm contracts, checking code against 54 documented vulnerability patterns (non-determinism, ABCI panics, signer mismatches, IBC, EVM, CosmWasm) a writing one markdown finding per bug to an output directory. Spouští se, když auditing custom x/ modules, reviewing IBC integrations, or doing pre-launch chain security review, a explicitly declines pure-Solidity or non-consensus-critical work.

Testovací report

Předložil jsem mu synthetic Cosmos rewards module s a map-iteration bug a an unvalidated msg_server payout; the skill's own pattern docs caught both plus a third bug a generic review missed (panic-on-error in EndBlock), each tagged s the exact fund-loss-vs-chain-halt severity class from the reference file. The claimed pattern counts (25 core / 16 IBC / 10 EVM / 3 CosmWasm) check out exactly against the scanner-role table in the SKILL.md itself.

Testováno: 2026-07-14 · Claude Code 2.x (agent harness)

Instalace

git clone https://github.com/trailofbits/skills
cd skills
mkdir -p ~/.claude/skills
cp -r plugins/building-secure-contracts/skills/cosmos-vulnerability-scanner ~/.claude/skills/cosmos-vulnerability-scanner

Příkazy a ukázkové prompty

  • /cosmos-vulnerability-scannerSpouští parallel Cosmos SDK / CosmWasm scanners pro chain-halt a fund-loss bugs across 54 documented patterns.

Skilly se spouštějí běžnými požadavky — žádné příkazy k zapamatování. Po instalaci ho aktivují prompty jako tyto (anglicky):

  • Audit my Cosmos SDK module for vulnerabilities
  • Scan this ABCI handler for chain-halt panics
  • Check my Cosmos module for unauthenticated payouts