aiken-dex-security-audit
Installation
SKILL.md
aiken-dex-security-audit
When to use
- Auditing Plutus V3 Aiken contracts for a DEX (validators + minting policies)
- You need a rigorous report: threat model, invariants, findings, and reproducible exploit tx shapes
Non-negotiable rules
- No hallucinations. If something isn't in the repo or inputs, say unknown and list exactly what's missing.
- Assume a hostile attacker can craft arbitrary transactions: multi-input, multi-action, weird datums, weird token bundles.
- Never ask for or handle seed phrases / private keys.
- Prefer evidence over vibes: minimal tx shape + failing test + fix + passing test.
Required inputs (ask for anything missing)
- Script list + purpose (spend/mint/reward/cert) and which are critical path for swaps/liquidity
- Datum/redeemer schemas (Aiken types + encoding expectations)
- Parameters/config: policy IDs, script hashes, upgrade/admin controls, oracle deps (if any)
- Off-chain tx builder(s) in scope (where swaps/liquidity txs are constructed)
- Network assumptions (mainnet/preprod) + constraints (tx size, exunits, reference scripts, inline datums)
Related skills
More from flux-point-studios/cardano-agent-skills
aiken-smart-contracts
Aiken workflows: validators, building, blueprints, .plutus generation. Safe guidance for smart contract development.
42cardano-protocol-params
Protocol parameters: fetch pparams, understand fees, min-UTxO, execution budgets. Read-only diagnostics.
36cardano-cli-plutus-scripts
Plutus script guidance: datums, redeemers, collateral, reference scripts. Templates only—use operator to execute.
36plutus-v3-conway
Plutus V3 under Conway: unified context, governance scripts, V2→V3 migration. Conceptual and practical guidance.
35cardano-cli-wallets
Wallet guidance: key generation, address building, UTxO queries. Provides templates and explanations (no execution).
35cardano-cli-transactions
Transaction guidance: build, sign, submit patterns. Provides templates (no execution). Use operator skill to execute.
34