algorand-vulnerability-scanner
Detects 11 Algorand-specific smart contract vulnerabilities including rekeying attacks, unchecked transaction fields, and access control issues.
- Scans TEAL and PyTeal files for critical patterns like missing RekeyTo validation, unchecked CloseRemainderTo/AssetCloseTo fields, and group transaction manipulation
- Integrates with Tealer (Trail of Bits static analyzer) for automated detection and provides manual vulnerability sweep workflows
- Covers stateful applications and smart signatures with severity-based reporting (critical, high, medium) and actionable remediation code
- Includes transaction field validation matrix, atomic group analysis, and access control review checklists for comprehensive pre-audit assessment
Algorand Vulnerability Scanner
1. Purpose
Systematically scan Algorand smart contracts (TEAL and PyTeal) for platform-specific security vulnerabilities documented in Trail of Bits' "Not So Smart Contracts" database. This skill encodes 11 critical vulnerability patterns unique to Algorand's transaction model.
2. When to Use This Skill
- Auditing Algorand smart contracts (stateful applications or smart signatures)
- Reviewing TEAL assembly or PyTeal code
- Pre-audit security assessment of Algorand projects
- Validating fixes for reported Algorand vulnerabilities
- Training team on Algorand-specific security patterns
3. Platform Detection
File Extensions & Indicators
- TEAL files: `.teal`
- PyTeal files: `.py` containing PyTeal imports (for example `from pyteal import *` or `import pyteal`)
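The following is an added example, not code from the skill or from Tealer. It implements the two mechanics the page describes up to this point: the platform detection of section 3 (extension plus PyTeal import) and a first-pass sweep of the transaction fields named in section 1 (RekeyTo, CloseRemainderTo, AssetCloseTo) over smart-signature TEAL. The "checked" heuristic (a `txn`/`gtxn`/`gtxns` load of the field followed within three instructions by `global ZeroAddress` or an `addr` literal and an `==`/`!=`), the severity assignments, the sample programs and the placeholder receiver address are all assumptions of this example; a real analyzer tracks the value through the whole control-flow graph, which this does not.

```python
"""Added example: Algorand platform detection + unchecked-field sweep (not the skill's code)."""
import re
from dataclasses import dataclass
from typing import Optional

# ---- section 3: platform detection ---------------------------------------
PYTEAL_IMPORT = re.compile(r"^\s*(?:from\s+pyteal\b|import\s+pyteal\b)", re.M)


def detect_platform(path: str, source: str) -> Optional[str]:
    """Classify a file as 'teal', 'pyteal' or None from its extension and imports."""
    if path.endswith(".teal"):
        return "teal"
    if path.endswith(".py") and PYTEAL_IMPORT.search(source):
        return "pyteal"
    return None


# ---- section 1: sweep smart-signature TEAL for unconstrained fields --------
# Severities are this example's assumption, not taken from the page.
SENSITIVE_FIELDS = {
    "RekeyTo": "critical",           # attacker becomes the account's signer
    "CloseRemainderTo": "critical",  # drains the remaining ALGO balance
    "AssetCloseTo": "high",          # drains the remaining ASA balance
}
COMPARISONS = ("==", "!=")


@dataclass(frozen=True)
class Finding:
    field: str
    severity: str
    message: str


def _instructions(teal: str) -> list:
    """Strip comments and pragmas; return one opcode line per instruction."""
    out = []
    for raw in teal.splitlines():
        line = raw.split("//", 1)[0].strip()
        if line and not line.startswith("#pragma"):
            out.append(line)
    return out


def _loads_field(instr: str, field: str) -> bool:
    """`txn RekeyTo`, `gtxn 0 RekeyTo` and `gtxns RekeyTo` all read the field."""
    parts = instr.split()
    return parts[0] in ("txn", "gtxn", "gtxns") and parts[-1] == field


def _constrained_after(instrs: list, idx: int, window: int = 3) -> bool:
    """Heuristic (assumption): the loaded value is compared to an address within `window` ops."""
    following = instrs[idx + 1: idx + 1 + window]
    saw_address = any(op == "global ZeroAddress" or op.startswith("addr ") for op in following)
    saw_compare = any(op in COMPARISONS for op in following)
    return saw_address and saw_compare


def sweep_teal(teal: str) -> list:
    """Return one Finding per sensitive field that the program never constrains."""
    instrs = _instructions(teal)
    findings = []
    for field, severity in SENSITIVE_FIELDS.items():
        loads = [i for i, op in enumerate(instrs) if _loads_field(op, field)]
        if not loads:
            findings.append(Finding(field, severity,
                                    f"{field} is never read; the signed txn may set it to any address"))
        elif not any(_constrained_after(instrs, i) for i in loads):
            findings.append(Finding(field, severity,
                                    f"{field} is read but never compared to ZeroAddress/an allowed address"))
    return findings


# Constructed samples (not real contracts); the receiver address is a dummy token.
VULNERABLE_TEAL = """#pragma version 6
// Smart signature that only constrains type, receiver and amount
txn TypeEnum
int pay
==
txn Receiver
addr RECEIVER_ADDRESS_PLACEHOLDER
==
&&
txn Amount
int 1000000
<=
&&
"""

# Hardened form: every sensitive field pinned to the zero address.
HARDENED_TEAL = VULNERABLE_TEAL + """txn RekeyTo
global ZeroAddress
==
&&
txn CloseRemainderTo
global ZeroAddress
==
&&
txn AssetCloseTo
global ZeroAddress
==
&&
"""

# Reads RekeyTo but discards it, so it is still unconstrained.
PARTIAL_TEAL = VULNERABLE_TEAL + """txn RekeyTo
pop
"""

if __name__ == "__main__":
    for name, prog in (("vulnerable", VULNERABLE_TEAL), ("partial", PARTIAL_TEAL), ("hardened", HARDENED_TEAL)):
        print(name, [(f.severity, f.field) for f in sweep_teal(prog)])
```

Run it directly to see the three samples classified; the hardened program produces no findings, the other two produce one finding per unconstrained field. A finding from this sweep is a prompt for manual review or a Tealer run, not a confirmed vulnerability: a field compared against an `addr` literal other than the zero address is accepted here without checking that the literal is the intended owner.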