Load this when you're auditing Solidity contracts and need to systematically check for the stuff that drains wallets. It covers the classics like reentrancy (including the subtle cross-contract and read-only variants that trip up auditors), integer overflow patterns that still bite in unchecked blocks, and delegatecall storage collisions in proxy patterns. The tables comparing vulnerable vs safe patterns are practical, especially for MEV sandwich attacks and signature replay across chains. It's opinionated about what base models miss, like cross-function reentrancy and CREATE2 exploitation. If you're writing contracts instead of breaking them, the mitigation tables work as a hardening checklist.
npx skills add https://github.com/yaklang/hack-skills --skill smart-contract-vulnerabilities