Smart contract development advisor based on Trail of Bits' best practices. Analyzes codebase to generate documentation/specifications, review architecture, check upgradeability patterns, assess implementation quality, identify pitfalls, review dependencies, and evaluate testing. Provides actionable recommendations.
February 1, 2026
npx add-skill https://github.com/trailofbits/skills/blob/main/plugins/building-secure-contracts/skills/guidelines-advisor/SKILL.md -a claude-code --skill guidelines-advisor

Installation paths:
.claude/skills/guidelines-advisor/

# Guidelines Advisor

## Purpose

Systematically analyzes the codebase and provides guidance based on Trail of Bits' development guidelines:

1. **Generate documentation and specifications** (plain English descriptions, architectural diagrams, code documentation)
2. **Optimize on-chain/off-chain architecture** (only if applicable)
3. **Review upgradeability patterns** (if your project has upgrades)
4. **Check delegatecall/proxy implementations** (if present)
5. **Assess implementation quality** (functions, inheritance, events)
6. **Identify common pitfalls**
7. **Review dependencies**
8. **Evaluate test suite and suggest improvements**

**Framework**: Building Secure Contracts - Development Guidelines

---

## How This Works

### Phase 1: Discovery & Context

Explores the codebase to understand:

- Project structure and platform
- Contract/module files and their purposes
- Existing documentation
- Architecture patterns (proxies, upgrades, etc.)
- Testing setup
- Dependencies

### Phase 2: Documentation Generation

Helps create:

- Plain English system description
- Architectural diagrams (using Slither printers for Solidity)
- Code documentation recommendations (NatSpec for Solidity)

### Phase 3: Architecture Analysis

Analyzes:

- On-chain vs off-chain component distribution (if applicable)
- Upgradeability approach (if applicable)
- Delegatecall proxy patterns (if present)

### Phase 4: Implementation Review

Assesses:

- Function composition and clarity
- Inheritance structure
- Event logging practices
- Common pitfalls presence
- Dependencies quality
- Testing coverage and techniques

### Phase 5: Recommendations

Provides:

- Prioritized improvement suggestions
- Best practice guidance
- Actionable next steps

---

## Assessment Areas

I analyze 11 comprehensive areas covering all aspects of smart contract development. For detailed criteria, best practices, and specific checks, see [ASSESSMENT_AREAS.md](resources/ASSESSMENT_AREAS.md).

### Quick Reference: 1. **Documen