Install: `claude install-skill kevinvwong/stack-agents`
# Algorand Vulnerability Scanner
## 1. Purpose
Systematically scan Algorand smart contracts (TEAL and PyTeal) for platform-specific security vulnerabilities documented in Trail of Bits' "Not So Smart Contracts" database. This skill encodes 11 critical vulnerability patterns unique to Algorand's transaction model.
## 2. When to Use This Skill
- Auditing Algorand smart contracts (stateful applications or smart signatures)
- Reviewing TEAL assembly or PyTeal code
- Pre-audit security assessment of Algorand projects
- Validating fixes for reported Algorand vulnerabilities
- Training a team on Algorand-specific security patterns
## 3. Platform Detection
### File Extensions & Indicators
- **TEAL files**: `.teal`
- **PyTeal files**: `.py` with PyTeal imports
### Language/Framework Markers
```python
# PyTeal indicators
from pyteal import *
from algosdk import *
# Common patterns: identifiers and decorators to search for (not runnable statements)
#   Txn, Gtxn, Global, InnerTxnBuilder
#   OnComplete, ApplicationCall, TxnType
#   @router.method, @Subroutine
```
### Project Structure
- `approval_program.py` / `clear_program.py`
- `contract.teal` / `signature.teal`
- References to Algorand SDK or Beaker framework
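
One way to apply the indicators above when deciding which files are in scope, as an added example that is not part of the skill's own code. It parses imports with `ast` so a commented-out import does not count. Treating `beaker` as the Beaker framework's import name, and treating an `algosdk`-only file as off-chain client code, are assumptions of this example.

```python
import ast
import re
from pathlib import PurePath
from typing import Optional

# Import names that mark a contract source. "pyteal" is from the page;
# "beaker" as the Beaker framework's import name is an assumption.
CONTRACT_MODULES = {"pyteal", "beaker"}
IMPORT_LINE = re.compile(r"^\s*(?:from|import)\s+([A-Za-z_]\w*)", re.MULTILINE)

def imported_modules(source):
    """Return the top-level package names a Python source imports."""
    try:
        tree = ast.parse(source)
    except SyntaxError:
        # Unparseable file: fall back to a line match so it is not skipped silently.
        return set(IMPORT_LINE.findall(source))
    found = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            found.update(alias.name.split(".")[0] for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            found.add(node.module.split(".")[0])
    return found

def classify(filename, source) -> Optional[str]:
    """Return 'teal', 'pyteal', or None (out of scope) for one file."""
    suffix = PurePath(filename).suffix.lower()
    if suffix == ".teal":
        return "teal"
    if suffix == ".py" and imported_modules(source) & CONTRACT_MODULES:
        return "pyteal"
    return None  # includes .py files that import only algosdk (assumed off-chain)

# Constructed sample inputs (not from a real project).
SAMPLES = {
    "contract.teal": "#pragma version 8\nint 1\nreturn\n",
    "approval_program.py": "from pyteal import *\n\ndef approval():\n    return Approve()\n",
    "deploy.py": "from algosdk import transaction\n",       # SDK client only
    "notes.py": "# from pyteal import *\nprint('docs')\n",   # import is only a comment
    "legacy.py": "import pyteal.ast\nprint 'py2 syntax'\n",  # fails ast.parse
}

def scan(files):
    """Map each in-scope filename to its detected platform."""
    return {n: k for n, s in files.items() if (k := classify(n, s))}

if __name__ == "__main__":
    for name, kind in scan(SAMPLES).items():
        print(f"{kind:7} {name}")
```

The regex fallback errs toward inclusion: a file that cannot be parsed but contains an import line for `pyteal` is still queued for review.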
### Tool Support
- **Tealer**: Trail of Bits static analyzer for Algorand
  - Installation: `pip3 install tealer`
  - Usage: `tealer contract.teal --detect all`
---
## 4. How This Skill Works
When invoked, I will:
1. **Search your codebase** for TEAL/PyTeal files
2. **Analyze each file** for the 11 vulnerability patterns
3. **Report findings** with