Which Algorand languages does this skill support?

The skill supports both TEAL (Transaction Execution Approval Language) and PyTeal, and it can identify patterns in projects using the Beaker framework.

Can this skill automatically fix my code?

It identifies the exact line of vulnerable code and provides a recommended secure implementation that you can review and apply to your contract.

What specific vulnerabilities can this scanner detect?

It detects 11 major patterns including Rekeying attacks, Missing Transaction Verification, Asset Clawback risks, and Atomic Transaction Ordering issues.

Does this skill require external security tools?

While it performs logic-based analysis natively, it is designed to work alongside Tealer. For the best results, it is recommended to have 'tealer' installed via pip.

Is this a substitute for a professional audit?

No, this skill is a powerful tool for development-time security and pre-audit checks, but it should be used as part of a broader security strategy that includes professional third-party audits.

Algorand Smart Contract Auditor

Name: Algorand Smart Contract Auditor
Author: fjor1025

byfjor1025

0•

Security & Testing

Scans Algorand smart contracts for security vulnerabilities to ensure robust and secure blockchain applications.

The Algorand Vulnerability Scanner is a specialized security tool designed to systematically audit Algorand smart contracts written in TEAL and PyTeal. By encoding 11 critical vulnerability patterns documented in Trail of Bits' 'Not So Smart Contracts' database, this skill helps developers identify and mitigate platform-specific risks such as rekeying attacks, unchecked transaction fees, and atomic group transaction manipulation. It provides a comprehensive workflow—from automated scanning with Tealer to manual logic verification—ensuring that decentralized applications are hardened against common exploits before deployment.

Key Features

01Analyzes complex transaction logic including Inner Transactions and Atomic Transaction Groups.

02Integrates with the Tealer static analysis tool for automated vulnerability detection.

03Detects 11 critical Algorand-specific vulnerability patterns including rekeying and group transaction risks.

04Provides detailed remediation guidance with secure code examples and 'fix' recommendations.

05Supports static analysis for both TEAL assembly and PyTeal source code.

060 GitHub stars

Use Cases

01Performing pre-audit security assessments on Algorand stateful applications and smart signatures.

02Training blockchain development teams on Algorand-specific security best practices and pitfalls.

03Validating security fixes and verifying that known vulnerability patterns have been remediated.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fjor1025/infosec-framework algorand-vulnerability-scanner

For use in Claude.ai and ChatGPT

Download Skill