cairo-vulnerability-scanner

Installation

Summary

Scans Cairo/StarkNet smart contracts for 6 critical vulnerabilities including felt252 arithmetic overflow, L1-L2 messaging issues, and signature replay attacks.

Detects 6 vulnerability patterns: unchecked arithmetic, storage collision, missing access control, improper felt252 boundaries, unvalidated contract addresses, and missing caller validation
Analyzes L1 handler functions for unvalidated from_address parameters and L1-L2 bridge implementations for cross-layer messaging vulnerabilities
Integrates with Caracal static analyzer for automated detection and provides detailed findings with vulnerable code snippets and remediation examples
Includes testing recommendations, priority guidelines, and a pre-deployment security checklist for StarkNet projects

SKILL.md

Cairo/StarkNet Vulnerability Scanner

1. Purpose

Systematically scan Cairo smart contracts on StarkNet for platform-specific security vulnerabilities related to arithmetic, cross-layer messaging, and cryptographic operations. This skill encodes 6 critical vulnerability patterns unique to Cairo/StarkNet ecosystem.

2. When to Use This Skill

Auditing StarkNet smart contracts (Cairo)
Reviewing L1-L2 bridge implementations
Pre-launch security assessment of StarkNet applications
Validating cross-layer message handling
Reviewing signature verification logic
Assessing L1 handler functions

3. Platform Detection

File Extensions & Indicators

Cairo files: .cairo

Related skills

More from trailofbits/skills

Installs

2.2K

Repository

trailofbits/skills

GitHub Stars

5.1K

First Seen

Jan 19, 2026

Security Audits

Gen Agent Trust HubWarn

SocketPass

SnykPass

cairo-vulnerability-scanner

Cairo/StarkNet Vulnerability Scanner

1. Purpose

2. When to Use This Skill

3. Platform Detection

File Extensions & Indicators

More from trailofbits/skills

ask-questions-if-underspecified

semgrep

modern-python

codeql

insecure-defaults

secure-workflow-guide