substrate-vulnerability-scanner

trailofbits/skills

Systematically scan Substrate runtime modules (pallets) for platform-specific security vulnerabilities that can cause node crashes, DoS attacks, or unauthorized access. This skill encodes 7 critical vulnerability patterns unique to Substrate/FRAME-based chains.

Installs: 746

Install command:
npx skills add https://github.com/trailofbits/skills --skill substrate-vulnerability-scanner

Security audits:
- Gen Agent Trust Hub: PASS
- Socket: PASS
- Snyk: PASS

About this skill
Systematically scan Substrate runtime modules (pallets) for platform-specific security vulnerabilities that can cause node crashes, DoS attacks, or unauthorized access. This skill encodes 7 critical vulnerability patterns unique to Substrate/FRAME-based chains.

When invoked, I will:

I check for 7 critical vulnerability patterns unique to Substrate/FRAME. For detailed detection patterns, code examples, mitigations, and testing strategies, see VULNERABILITY_PATTERNS.md.

- Arithmetic Overflow ⚠️ CRITICAL
- Don't Panic ⚠️ CRITICAL - DoS
- Weights and Fees ⚠️ CRITICAL - DoS
- Verify First, Write Last ⚠️ HIGH (Pre-v0.9.25)
- Unsigned Transaction Validation ⚠️ HIGH
- Bad Randomness ⚠️ MEDIUM
- Bad Origin ⚠️ CRITICAL

For complete vulnerability patterns with code examples, see VULNERABILITY_PATTERNS.md.

For each #[pallet::call] function:

Before completing Substrate pallet audit:

- Arithmetic Safety (CRITICAL):
- Panic Prevention (CRITICAL):
- Weights & DoS (CRITICAL):
- Access Control (CRITICAL):
- Storage Safety (HIGH):
- Other (MEDIUM):
- Testing:

- Auditing custom Substrate pallets
- Reviewing FRAME runtime code
- Pre-launch security assessment of Substrate chains (Polkadot parachains, standalone chains)
- Validating dispatchable extrinsic functions
- Reviewing weight calculation functions
- Assessing unsigned transaction validation logic

- Rust files: .rs
- pallets/*/lib.rs - Pallet implementations...

Source description provided by the upstream skill listing. Community reviews and install context appear in the sections below.

Community Reviews

No community reviews yet.

FAQ
What does substrate-vulnerability-scanner do?

Systematically scan Substrate runtime modules (pallets) for platform-specific security vulnerabilities that can cause node crashes, DoS attacks, or unauthorized access. This skill encodes 7 critical vulnerability patterns unique to Substrate/FRAME-based chains.

Is substrate-vulnerability-scanner good?

substrate-vulnerability-scanner does not have approved reviews yet, so SkillJury cannot publish a community verdict.

What agent does substrate-vulnerability-scanner work with?

substrate-vulnerability-scanner currently lists compatibility with codex, gemini-cli, opencode, cursor, github-copilot, claude-code.

What are alternatives to substrate-vulnerability-scanner?

Skills in the same category include telegram-bot-builder, flutter-app-size, sharp-edges, iterative-retrieval.

How do I install substrate-vulnerability-scanner?

npx skills add https://github.com/trailofbits/skills --skill substrate-vulnerability-scanner
