feat(skill): add solana-roast — pre-audit design & security interrogation#26
Open
Shawnchee wants to merge 3 commits into
Open
feat(skill): add solana-roast — pre-audit design & security interrogation#26Shawnchee wants to merge 3 commits into
Shawnchee wants to merge 3 commits into
Conversation
…tion Adds ext/solana-roast (https://github.com/Shawnchee/solana-roast-skill, MIT): an adversarial program design & security interrogator that runs BEFORE the audit-stage skills. 9 branches, one question at a time with recommended answers, grounded in the user's Anchor/native code; emits design-spec + threat-model (with a Design Safety score) + pre-audit checklist + optional teaching lecture. Current to Anchor 1.0 / Token-2022 / Solana 3.x; every check sourced (SOURCES.md). Ripple Map: .gitmodules, README table+tree+count, QUICK-START tree+count, skill-hub SKILL.md routing. VERSION/CHANGELOG left for maintainers.
|
@Shawnchee is attempting to deploy a commit to the STBR TRUE Team on Vercel. A member of the Team first needs to authorize it. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What this adds
Adds
solana-roastas anext/skill submodule — an adversarial pre-ship design & security interrogator for Solana programs.Repo: https://github.com/Shawnchee/solana-roast-skill (MIT)
It fills the gap between the kit's idea-stage skills and its audit-stage skills (
ext/trailofbits,ext/qedgen,ext/safe-solana-builder,review-and-iterate): there's nothing that interrogates the design before the code is finished, where the most expensive Solana mistakes are made.solana-roastis the design gate before the audit gate — and itspre-audit-checklist.mdis built to be the direct input the scanners/auditors consume.How it works
cso.)design-spec.md,threat-model.md(+ a Design Safety score),pre-audit-checklist.md, and an optional teachinglecture.mdthat explains each finding and the real exploit it mirrors.SOURCES.md(no-guessing policy); a verifiedexploit-library.md(Wormhole, Cashio, Mango, Drift, …) backs the lecture.Ripple Map followed
Per
CLAUDE.md, a submodule add updates:.gitmodules—ext/solana-roastentryREADME.md— submodules table row + tree + bumped the18 → 19 ext/count (×2)QUICK-START.md— tree + bumped18 → 19 ext/count.claude/skills/SKILL.md— routing entry (Security Auditing section, as the pre-audit gate) + routing table row + hub descriptionNotes for maintainers
.claude/VERSION/CHANGELOG.mduntouched — version bumps are yours to own. Happy to add a minor bump if you'd like.validate.shin a fresh fork clone reports broken-link/init FAILs for allext/submodules because they aren't checked out (git submodule update --init). With submodules initialized,ext/solana-roast's links resolve and pass — my change adds no new failure class (solana-roast appears only as PASS).License
MIT — ready to be submoduled into the kit.