If you're building Uniswap v4 hooks, start here before writing any code. This covers the security fundamentals that can make the difference between a safe hook and one that drains user funds. It walks through the threat model (caller verification, sender identity traps), explains the 14 permission flags with their risk levels, and dedicates serious attention to the NoOp rug pull attack via beforeSwapReturnDelta. You also get delta accounting basics, access control patterns, and router verification examples. The tone is appropriately paranoid because hook vulnerabilities have direct fund loss implications. Good for anyone touching PoolManager integration or reviewing hook code for the first time.
npx skills add https://github.com/uniswap/uniswap-ai --skill v4-security-foundations