substrate-vulnerability-scanner

Installation

Summary

Scans Substrate pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, and bad origin checks.

Detects arithmetic overflow, panics, incorrect weights, verify-first violations, unsigned transaction validation issues, bad randomness, and bad origin patterns across FRAME pallets
Includes platform detection for Substrate/FRAME projects, scanning workflow with step-by-step guidance, and severity prioritization (critical, high, medium)
Provides fuzz testing, benchmarking, and try-runtime recommendations to validate fixes and prevent DoS and state corruption attacks
Covers pre-v0.9.25 transactional storage issues and includes a quick-reference audit checklist for dispatchables, access control, and storage safety

SKILL.md

Substrate Vulnerability Scanner

1. Purpose

Systematically scan Substrate runtime modules (pallets) for platform-specific security vulnerabilities that can cause node crashes, DoS attacks, or unauthorized access. This skill encodes 7 critical vulnerability patterns unique to Substrate/FRAME-based chains.

2. When to Use This Skill

Auditing custom Substrate pallets
Reviewing FRAME runtime code
Pre-launch security assessment of Substrate chains (Polkadot parachains, standalone chains)
Validating dispatchable extrinsic functions
Reviewing weight calculation functions
Assessing unsigned transaction validation logic

3. Platform Detection

File Extensions & Indicators

Rust files: .rs

Related skills

More from trailofbits/skills

Installs

2.2K

Repository

trailofbits/skills

GitHub Stars

5.1K

First Seen

Jan 19, 2026

Security Audits

Gen Agent Trust HubPass

SocketPass

SnykPass

substrate-vulnerability-scanner

Substrate Vulnerability Scanner

1. Purpose

2. When to Use This Skill

3. Platform Detection

File Extensions & Indicators

More from trailofbits/skills

ask-questions-if-underspecified

semgrep

modern-python

codeql

insecure-defaults

secure-workflow-guide