

forefy

@forefy
Over a decade of security research and engineering channeled into securing web3
CTO @audit_wizard 🧙‍♂️🪄🪄
Co-Founder @hackstackapp




Being the 1st public auditing skills author I can share this:
• AI can't write skills as well as actual auditors
• Over-verbose skills (e.g. more than 5000 tokens a page) are creating context rot
• Installing other people's skills is much scarier than npm install

I solved this by utilizing my profile site to host the Auditor Skills Registry
• Skills I personally use (including skills from @pashov, @trailofbits, @QuillAudits_AI, @auditmos, myself etc.)
• Security reviewed, guardrails, AI reliance rating
• Easy and secure 1-click installation to claude code / copilot cli / gemini cli / codex

IMPORTANT: Like or repost if you plan on using it, to let me know if I should keep it live: forefy.com/skills

🚨🚨 WATCH ME VIBE-AUDIT A SMART CONTRACT
> end-to-end without an IDE
> from skills and prompts to a google doc report
> result report and repo below

▶️ youtube.com/watch?v=5jcZ85…

I didn't risk my auditing career posting this just to have fun with prompts. This is a social demonstration of the power that's at hand of the new version of our adversaries.

I literally just sat down and showed you a summarized way of my first 15 minutes starting an audit (before the first coffee ends) - it's obviously not enough for a professional audit, not even close, it's a really good starting point though (still have an entire week after that in industry timelines).

I want you all to start interacting with code like this, exploring it through the agents, asking questions, creating creative skills and gain more and more ways of asking the right questions and improve and learn always.

Skills I've used can all be found at the Auditor Skill Registry: ✨ forefy.com/skills

Skills used (other than the ones under github.com/forefy/.context):
- solidity-auditor by @pashov github.com/pashov/skills
- security-auditor by @archethect github.com/Archethect/sc-…
- hackenproof-triage-marketplace by @HackenProof github.com/hackenproof-pu…
- web3-poc-foundry by @shuvonsec github.com/shuvonsec/web3…
- code-sleuth by @ZeroCool_AI github.com/zerocoolailabs…

Repo and Report: github.com/forefy/vulnvau…

Would've used much more, but wanted to make this fit under a 15-minute video and improvised what came to mind at the moment.

▶️ youtube.com/watch?v=5jcZ85…

Please repost, comment, share and raise awareness for what's coming!



I just PR'd 3 different auditing skills repos to adhere to the claude skill format specifications before I list them on the auditor skills registry

github.com/JoranHonig/gri…
github.com/kadenzipfel/sc…
github.com/zerocoolailabs…

my goal is to convince you all to start auditing with skills by ensuring in my spare time that they are solid and usable

@joranhonig @0xKaden @ZeroCool_AI


Introducing EVMbench—a new benchmark that measures how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities. openai.com/index/introduc…




