ReddRadar
Topic: security-audit
144 skills in this topic.
-
semi-trusted-roles
Trigger Pattern Crank/bot/operator signer checks, authority-gated instructions - Inject Into Breadth agents, depth-state-trace
PlamenTSV/plamen 215
-
dependency-audit
Trigger Pattern EXTERNAL_LIB flag (third-party Move dependencies detected in Move.toml beyond Sui framework) - Inject Into Breadth agents, depth-external
PlamenTSV/plamen 215
-
token-flow-tracing
Trigger Pattern SEP-41 token transfers, TokenClient::new, transfer/transfer_from/burn, XLM native balance - Inject Into Lifecycle, External-Env agents
PlamenTSV/plamen 215
-
dependency-audit
Trigger EXTERNAL_LIB flag detected (protocol uses third-party Move dependencies) - Used by Breadth agents, depth-external
PlamenTSV/plamen 215
-
economic-design-audit
Trigger Pattern MONETARY_PARAMETER flag (required) - Inject Into Breadth agents (merged via M4 hierarchy)
PlamenTSV/plamen 215
-
external-precondition-audit
Trigger Pattern Any external module interaction detected in attack_surface.md - Inject Into Breadth agents (merged via M5 hierarchy)
PlamenTSV/plamen 215
-
flash-loan-interaction
Trigger Pattern FLASH_LOAN flag (required) or BALANCE_DEPENDENT flag (optional complement) - Inject Into Breadth agents, depth-token-flow, depth-edge-case
PlamenTSV/plamen 215
-
ptb-composability
Trigger Pattern PTB flag (always for Sui -- Programmable Transaction Blocks are the Sui transaction model) - Inject Into Breadth agents, depth-external, depth-state-trace
PlamenTSV/plamen 215
-
temporal-parameter-staleness
Trigger Pattern interval|period|duration|delay|cooldown|lock_period|timelock|unbonding|claim_delay|withdraw_delay|maturity|ledger_sequence|timestamp - Inject Into Breadth agents, depth-state-trace
PlamenTSV/plamen 215
-
contract-upgradeability
Trigger Pattern update_current_contract_wasm detected in codebase - Inject Into Breadth agents, depth-state-trace
PlamenTSV/plamen 215
-
migration-analysis
Trigger Protocol has migration patterns (reinitializer, V2/V3, deprecated, upgrade, legacy) - Covers Token type mismatches, stranded assets, interface incompatibilities
PlamenTSV/plamen 215
-
reentrancy-analysis
Trigger REENTRANCY flag detected (dynamic dispatch, closures, dispatchable FA, function values) - Used by Breadth agents, depth-state-trace
PlamenTSV/plamen 215
-
ref-lifecycle
Type Thought-template (instantiate before use) - Trigger Pattern Always (Aptos Move) -- ConstructorRef/TransferRef/MintRef/BurnRef lifecycle
PlamenTSV/plamen 215
-
semi-trusted-roles
Trigger Pattern SEMI_TRUSTED_ROLE flag (required) - Inject Into Breadth agents, depth-state-trace
PlamenTSV/plamen 215
-
package-version-safety
Trigger Pattern PACKAGE_UPGRADE flag (UpgradeCap detected, multiple package versions, upgrade policy references) - Inject Into Breadth agents, depth-external
PlamenTSV/plamen 215
-
verification-protocol
Trigger Pattern Always (used by all verifier agents) - Inject Into security-verifier agents (Phase 5)
PlamenTSV/plamen 215
-
centralization-risk
Trigger Pattern Protocol has privileged authorities (admin, operator, upgrade authority, governance) - Inject Into Breadth agents (optional), depth-state-trace
PlamenTSV/plamen 215
-
verification-protocol
How to prove a hypothesis is TRUE or FALSE using Move unit tests.
PlamenTSV/plamen 215
-
zero-state-return
Trigger Pattern Vault/pool/first-depositor pattern detected - Inject Into Depth-edge-case
PlamenTSV/plamen 215
-
centralization-risk
Trigger Protocol has privileged roles (admin, owner, operator, governance, multisig) - Covers Single points of failure, privilege escalation, external governance dependencies
PlamenTSV/plamen 215
-
cross-chain-message-integrity
Type Thought-template (instantiate before use) - Trigger Pattern CROSS_CHAIN_MSG flag detected (protocol RECEIVES cross-chain messages)
PlamenTSV/plamen 215
-
oracle-analysis
Trigger Pattern ORACLE flag (required) - Inject Into Breadth agents, depth-external, depth-edge-case
PlamenTSV/plamen 215
-
auth-validation
Trigger Pattern Always required for Soroban audits - Inject Into Breadth agents, depth agents
PlamenTSV/plamen 215
-
flash-loan-interaction
Trigger Pattern FLASH_LOAN flag (required) or BALANCE_DEPENDENT flag (optional complement) - Inject Into Breadth agents, depth-token-flow, depth-edge-case
PlamenTSV/plamen 215