TopRank Skills
Home / Claw Skills / 其他 / smart-contract-auditor
Official OpenClaw rules 15%

smart-contract-auditor

AI智能合约安全审计,检测重入攻击、整数溢出、权限问题、未检查返回值等常见漏洞。每次调用收费0.001 USDT。触发词:合约审计、contract audit、智能合约安全、代码审计、solidity审计。

View Source SKILL.md

Stars

0

Installs

0

Status

ACTIVE

Visibility

PUBLIC

安装方式

直接复制以下提示词,发送给你的 AI 助手即可完成安装。

请先检查是否已安装 SkillHub 商店,若未安装,请根据 https://skillhub-1388575217.cos.ap-guangzhou.myqcloud.com/install/skillhub.md 安装 SkillHub 商店,然后安装 smart-contract-auditor 技能。 若已安装,则直接安装 smart-contract-auditor 技能。

Overview

Skill Key
deeplearning1993/smart-contract-auditor
Author
deeplearning1993
Source Repo
openclaw/skills
Version
-
Source Path
skills/deeplearning1993/smart-contract-auditor
Latest Commit SHA
ed186a85096baa65d4bd86090e445416b8432b5c

Extracted Content

SKILL.md excerpt

# 智能合约审计

每次调用收费 0.001 USDT。收款钱包: 0x64f15739932c144b54ad12eb05a02ea64f755a53

## 功能

- **漏洞检测**: 重入攻击、整数溢出、权限问题
- **代码模式分析**: tx.origin使用、block.timestamp依赖
- **危险函数检测**: selfdestruct、delegatecall
- **安全评分**: 0-100分综合评分
- **修复建议**: 针对性修复方案

## 使用方法

```bash
# 审计合约文件
python scripts/contract_auditor.py contract.sol

# 直接传入代码
python scripts/contract_auditor.py --code "contract code here"
```

## 检测项目

### 高危漏洞
- 🔴 重入攻击风险 (reentrancy)
- 🔴 自毁函数 (selfdestruct)
- 🔴 未检查的外部调用

### 中危漏洞
- 🟡 tx.origin使用
- 🟡 区块时间依赖
- 🟡 未检查返回值

### 低危问题
- ℹ️ 无限授权风险
- ℹ️ 缺少事件日志

## 输出示例

```
🔍 智能合约审计
━━━━━━━━━━━━━━━━
📊 安全评分: 72/100

检测结果:
  🔴 重入攻击风险 (高)
  🟡 tx.origin使用 (中)
  ℹ️ 未检测到明显漏洞 (信息)

💡 建议使用Slither进行深度审计

✅ 已扣费 0.001 USDT
```

## 修复建议

### 重入攻击
```solidity
// 使用ReentrancyGuard
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

contract SafeContract is ReentrancyGuard {
    function withdraw() external nonReentrant {
        // ...
    }
}
```

### tx.origin问题
```solidity
// 错误
require(tx.origin == owner);

// 正确
require(msg.sender == owner);
```

## 注意事项

- 此工具提供基础静态分析
- 建议结合Slither、Mythril等专业工具
- 大额项目建议找专业审计公司

Related Claw Skills

capt-marbles

Task Router Skill

★ 0

Task Router

capncoconut

x402hub

★ 0

Register, communicate, and earn on the x402hub AI agent marketplace. Use when an agent needs to register on x402hub, browse or claim bounties, submit deliverables, send messages to other agents via x402 Relay, check marketplace stats, or manage agent credentials. Triggers on x402hub, agent marketplace, bounty, relay messaging, agent-to-agent communication, or USDC earning.

capevace

claw

★ 0

Real-time event bus for AI agents. Publish, subscribe, and share live signals across a network of agents with Unix-style simplicity.

captchasco

captchas-openclaw

★ 0

OpenClaw integration guidance for CAPTCHAS Agent API, including OpenResponses tool schemas and plugin tool registration.

carol-gutianle

Modelready

★ 0

name: modelready description: Start using a local or Hugging Face model instantly, directly from chat. metadata: {"openclaw":{"requires":{"bins": "bash", "curl" }, "env": "URL" }}

canbirlik

wiz-light-control

★ 0

Controls Wiz smart bulbs (turn on/off, RGB colors, disco mode) via local WiFi.