Audit Solana programs (Anchor or native Rust) for security vulnerabilities. Use when reviewing smart contract security, finding exploits, analyzing attack vectors, performing security assessments, or when explicitly asked to audit, review security, check for bugs, or find vulnerabilities in Solana programs.
View on GitHubsolana/skills/solana-security/SKILL.md
January 21, 2026
Select agents to install to:
npx add-skill https://github.com/tenequm/claude-plugins/blob/main/solana/skills/solana-security/SKILL.md -a claude-code --skill solana-securityInstallation paths:
.claude/skills/solana-security/# Solana Security Auditing Systematic security review framework for Solana programs, supporting both Anchor and native Rust implementations. ## Review Process Follow this systematic 5-step process for comprehensive security audits: ### Step 1: Initial Assessment Understand the program's context and structure: - **Framework**: Anchor vs Native Rust (check for `use anchor_lang::prelude::*`) - **Anchor version**: Check `Cargo.toml` for compatibility and known issues - **Dependencies**: Oracles (Pyth, Switchboard), external programs, token programs - **Program structure**: Count instructions, identify account types, analyze state management - **Complexity**: Lines of code, instruction count, PDA patterns - **Purpose**: DeFi, NFT, governance, gaming, etc. ### Step 2: Systematic Security Review For each instruction, perform security checks in this order: 1. **Account Validation** - Verify signer, owner, writable, and initialization checks 2. **Arithmetic Safety** - Check all math operations use `checked_*` methods 3. **PDA Security** - Validate canonical bumps and seed uniqueness 4. **CPI Security** - Ensure cross-program invocations validate target programs 5. **Oracle/External Data** - Verify price staleness and oracle status checks **→ See [references/security-checklists.md](references/security-checklists.md) for detailed checklists** ### Step 3: Vulnerability Pattern Detection Scan for common vulnerability patterns: - Type cosplay attacks - Account reloading issues - Improper account closing - Missing lamports checks - PDA substitution attacks - Arbitrary CPI vulnerabilities - Missing ownership validation - Integer overflow/underflow **→ See [references/vulnerability-patterns.md](references/vulnerability-patterns.md) for code examples and exploit scenarios** ### Step 4: Architecture and Testing Review Evaluate overall design quality: - PDA design patterns and collision prevention - Account space allocation and rent exemption - Error handling approach