substrate-vulnerability-scanner

# Substrate Vulnerability Scanner ## 1. Purpose Systematically scan Substrate runtime modules (pallets) for platform-specific security vulnerabilities that can cause node crashes, DoS attacks, or unauthorized access. This skill encodes 7 critical vulnerability patterns unique to Substrate/FRAME-based chains. ## 2. When to Use This Skill - Auditing custom Substrate pallets - Reviewing FRAME runtime code - Pre-launch security assessment of Substrate chains (Polkadot parachains, standalone chains) - Validating dispatchable extrinsic functions - Reviewing weight calculation functions - Assessing unsigned transaction validation logic ## 3. Platform Detection ### File Extensions & Indicators - **Rust files**: `.rs` ### Language/Framework Markers ```rust // Substrate/FRAME indicators #[pallet] pub mod pallet { use frame_support::pallet_prelude::*; use frame_system::pallet_prelude::*; #[pallet::config] pub trait Config: frame_system::Config { } #[pallet::call] impl<T: Config> Pallet<T> { #[pallet::weight(10_000)] pub fn example_function(origin: OriginFor<T>) -> DispatchResult { } } } // Common patterns DispatchResult, DispatchError ensure!, ensure_signed, ensure_root StorageValue, StorageMap, StorageDoubleMap #[pallet::storage] #[pallet::call] #[pallet::weight] #[pallet::validate_unsigned] ``` ### Project Structure - `pallets/*/lib.rs` - Pallet implementations - `runtime/lib.rs` - Runtime configuration - `benchmarking.rs` - Weigh...