All skills
Skillintermediate
Chain Audit Context
Explore the codebase and write a `CLAUDE.md` at the target repo root with all context needed for the audit.
Claude Code Knowledge Pack7/10/2026
Overview
Discovery & CLAUDE.md Generation
Explore the codebase and write a CLAUDE.md at the target repo root with all context needed for the audit.
Platform Detection
Determine what you're auditing:
- Pure Cosmos SDK:
go.modimportscosmossdk.io/*orgithub.com/cosmos/cosmos-sdk/* - EVM-based (Ethermint/Evmos):
go.modimportsgithub.com/evmos/ethermintorgithub.com/evmos/evmos; hasx/evmmodule - CosmWasm:
go.modimportsgithub.com/CosmWasm/wasmd; or.rscontracts withuse cosmwasm_std::* - IBC enabled:
go.modimportsgithub.com/cosmos/ibc-go; has IBC keepers orx/ibc*modules
Technical Inventory
Identify and record:
- SDK version and ibc-go version from
go.mod - Custom modules under
x/*/— list each with one-line purpose - ABCI hooks per module (
HasBeginBlocker,HasEndBlocker,HasPreBlocker,HasPrecommit,HasPrepareCheckState,HasABCIEndBlock) - Message types from
proto/.../tx.proto— list each with itscosmos.msg.v1.signerfield - Handlers in
keeper/msg_server.go— note any stub/no-op implementations - Keepers that hold references to
bankKeeper,stakingKeeper,authzKeeper - AnteHandler chain from
app.goorante.go— list decorators in order - IBC integration: IBC modules, middleware stack, ICA host/controller, PFM
Threat Model
Determine and record:
- What the chain does: DEX, lending, bridge, staking derivatives, NFT, general-purpose, etc.
- High-value assets: tokens held in escrow, module accounts with mint/burn authority, LP pools, vaults
- Trust boundaries: which actors are trusted (validators, governance, relayers, oracles, IBC counterparties) and what each can do
- External integrations: IBC channels (which chains, which tokens), oracles, bridges, off-chain components
- Custom crypto or consensus: vote extensions, custom ABCI++, custom mempool (
PrepareProposal/ProcessProposal), MEV protection - Upgrade history: recent migrations, deprecated modules still present, parameter changes
CLAUDE.md Structure
Write the CLAUDE.md as a structured reference for the auditor:
# Chain Audit Context
## Versions
- Cosmos SDK: v0.50.x
- ibc-go: v8.x
## Modules
| Module | Purpose | ABCI Hooks | Bank Access |
|--------|---------|------------|-------------|
| x/dex | Order book DEX | EndBlocker (match orders) | Yes (escrow) |
## Message Types
| Message | Signer Field | Handler |
|---------|-------------|---------|
| MsgPlaceOrder | sender | msg_server.go:42 |
## Threat Model
- **Chain purpose**: DEX with IBC token support
- **High-value targets**: escrow account (holds all deposited tokens), LP pools
- **Trust boundaries**: validators (order matching), relayers (IBC), governance (params)
- **IBC exposure**: channels to Osmosis, Cosmos Hub; PFM enabled
## AnteHandler Chain
1. SetUpContext → 2. ... → N. SigVerification
## Audit Focus Areas
[Based on threat model, which vulnerability categories matter most]