solana-vulnerability-scanner

Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, and missing security checks.

SkillJury keeps community verdicts, source metadata, and external repository signals in separate lanes so ranking data never pretends to be a review.

SkillJury verdict
Pending

No approved reviews yet

Would recommend
Pending

Waiting on enough review volume

Install signal
2

Weekly or total install activity from catalog data

Install command
npx skills add https://github.com/trailofbits/skills --skill solana-vulnerability-scanner
SkillJury does not have enough approved reviews to publish a community verdict yet. Source metadata and repository proof are still available above.
SkillJury Signal Summary

As of May 1, 2026, solana-vulnerability-scanner has 2 weekly installs, 0 community reviews on SkillJury. Community votes currently stand at 0 upvotes and 0 downvotes. Source: trailofbits/skills. Canonical URL: https://skills.sh/trailofbits/skills/solana-vulnerability-scanner.

Security audits
Gen Agent Trust Hub: PASS
Socket: PASS
Snyk: PASS
About this skill
Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, and missing security checks. Systematically scan Solana programs (native and Anchor framework) for platform-specific security vulnerabilities related to cross-program invocations, account validation, and program-derived addresses. This skill encodes 6 critical vulnerability patterns unique to Solana's account model.

When invoked, I will: I check for 6 critical vulnerability patterns unique to Solana. For detailed detection patterns, code examples, mitigations, and testing strategies, see VULNERABILITY_PATTERNS.md. For complete vulnerability patterns with code examples, see VULNERABILITY_PATTERNS.md.

For each CPI: For each PDA: For each account used: Attack Scenario: Recommendation: Use Anchor's Program type: References:

Before completing Solana program audit:
- CPI Security (CRITICAL)
- PDA Security (CRITICAL)
- Account Validation (HIGH)
- Signer Validation (CRITICAL)
- Sysvar Security (HIGH)
- Instruction Introspection (MEDIUM)
- Testing

- Detects 6 vulnerability patterns: arbitrary CPI, improper PDA validation, missing ownership checks, missing signer checks, sysvar spoofing, and improper instruction introspection
- Supports both native Solana and Anchor framework programs with automatic platform detection
- Provides detailed findings with vulnerable code snippets,...

Source description provided by the upstream listing. Community review signal and install context stay separate from this narrative layer.

Community reviews

Latest reviews

No community reviews yet. Be the first to review.

FAQ
What does solana-vulnerability-scanner do?

Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, and missing security checks.

Is solana-vulnerability-scanner good?

solana-vulnerability-scanner does not have approved reviews yet, so SkillJury cannot publish a community verdict.

Which AI agents support solana-vulnerability-scanner?

solana-vulnerability-scanner currently lists compatibility with Skills CLI.

Is solana-vulnerability-scanner safe to install?

solana-vulnerability-scanner has been scanned by security audit providers tracked on SkillJury. Check the security audits section on this page for detailed results from Socket.dev and Snyk.

What are alternatives to solana-vulnerability-scanner?

Skills in the same category include review-management, conversation-memory, coverage, grimoire-aave.

How do I install solana-vulnerability-scanner?

Run the following command to install solana-vulnerability-scanner: npx skills add https://github.com/trailofbits/skills --skill solana-vulnerability-scanner
