quillshield-security-skills

Multi-dimensional smart contract security auditing using Behavioral State Analysis (BSA). Combines behavioral intent extraction, parallel threat engines, adversarial simulation with PoC generation, and Bayesian confidence scoring.

Detects logic vulnerabilities by finding functions that bypass security checks the contract consistently applies elsewhere. Based on the Consistency Principle.

Automatically infers mathematical relationships between state variables then finds functions that violate them. Catches vulnerabilities behind the biggest DeFi hacks.

Systematically detects all reentrancy variants — classic, cross-function, cross-contract, read-only, and ERC-777/ERC-1155 callback reentrancy.

Detects price oracle manipulation and flash loan attack vectors. Classifies oracle trust models, identifies stale prices, circular dependencies, and flash loan atomicity exploitation.

Detects vulnerabilities in upgradeable proxy architectures — storage layout collisions, uninitialized implementations, function selector clashing, and upgrade path safety.

Detects input validation failures and arithmetic vulnerabilities — precision loss, rounding exploitation, ERC4626 inflation attacks, unsafe casting, and unchecked block risks.

Detects unsafe external call patterns and token integration vulnerabilities. Covers unchecked return values, fee-on-transfer tokens, rebasing tokens, and callback risks.

Detects signature replay vulnerabilities. Covers same-chain, cross-chain, cross-contract, nonce-skip, and expired replay types plus EIP-712 and ecrecover safety.

Detects Denial of Service and griefing vulnerabilities — unbounded loops, gas limit exhaustion, external call failure DoS, 63/64 gas griefing, and storage bloat.