npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

solidity-agent-skills

v1.0.2

Published

Curated Solidity best practices for AI coding agents (Cursor, Codex, Claude Code)

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

silicon-internsilicon-intern

Keywords

solidityethereumsmart-contractsaicoding-agentcursorcodexclaudebest-practicessecuritygas-optimization

Readme

Solidity Agent Skills

Curated Solidity best practices for AI coding agents (Cursor, Codex, Claude Code).

Skills are packaged instructions that help AI coding agents write better, more secure, and gas-efficient Solidity code.

Available Skills

| Skill | Description | |-------|-------------| | solidity-style | Code style, formatting, and design patterns | | solidity-security | Security patterns and vulnerability prevention | | solidity-gas | Gas optimization techniques |

Installation

Quick Install (npx)

npx solidity-agent-skills

This launches an interactive installer that lets you:

  1. Select which skills to install
  2. Choose target agents (Cursor, Codex, Claude Code)
  3. Install to project or global scope

Manual Installation

Copy the desired SKILL.md files to your agent's config directory:

Cursor:

mkdir -p .cursor/rules
cp skills/solidity-style/SKILL.md .cursor/rules/solidity-style.md

Claude Code:

mkdir -p .claude
cp skills/solidity-style/SKILL.md .claude/solidity-style.md

Codex:

mkdir -p .codex
cp skills/solidity-style/SKILL.md .codex/solidity-style.md

Usage

Once installed, skills are automatically available to your AI coding agent. The agent will apply the relevant best practices when:

  • Writing new Solidity contracts
  • Reviewing existing code
  • Implementing specific patterns (upgrades, access control, etc.)
  • Optimizing for gas

Example Prompts

"Create an ERC20 token with minting capability"

The agent will apply:

  • Style conventions (naming, imports, NatSpec)
  • Security patterns (access control, SafeERC20)
  • Gas optimizations (immutable, packed storage)

"Review this contract for security issues"

The agent will check for:

  • Reentrancy vulnerabilities
  • Access control issues
  • Input validation
  • CEI pattern compliance

Skills Overview

solidity-style

Covers coding conventions and design patterns from:

Key topics:

  • Named imports and code organization
  • Naming conventions (underscore prefixes, param/return naming)
  • Function ordering and visibility
  • NatSpec documentation
  • Custom errors and events
  • UUPS upgradeable patterns
  • Storage gaps and upgrade safety
  • Access control patterns

solidity-security

Covers security best practices from:

Key topics:

  • Checks-Effects-Interactions (CEI) pattern
  • Reentrancy prevention
  • Access control
  • Input validation
  • SafeERC20 usage
  • Flash loan awareness

solidity-gas

Covers optimization techniques from:

Key topics:

  • Storage optimization (packing, caching, zero→non-zero)
  • Immutable/constant usage
  • Loop optimization
  • Custom errors vs require strings
  • Calldata vs memory
  • L1 vs L2 considerations

Solodit API Integration (Optional)

The solidity-security skill includes integration with Cyfrin Solodit, a database of 49,000+ real-world smart contract vulnerabilities from professional audits.

What It Enables

When configured, AI agents can search the vulnerability database during security reviews to find similar issues from past audits, enhancing manual review with real-world findings.

Setup

  1. Get an API key (free):

    • Go to solodit.cyfrin.io
    • Sign in or create an account
    • Click profile dropdown → "API Keys"
    • Create a new key

  2. Set the environment variable:

    # Add to ~/.bashrc, ~/.zshrc, or equivalent:
export SOLODIT_API_KEY="sk_your_key_here"

  3. Reload your shell:

    source ~/.bashrc  # or ~/.zshrc

Without API Key

Skills work fully without the API key. The security skill will:

  • Inform you that enhanced search is available
  • Continue with comprehensive manual review
  • Apply all patterns and checklists from the skill

See skills/solidity-security/references/solodit-api.md for full API documentation.

Development

Local Testing

The npx solidity-agent-skills command requires the package to be published to npm. For local development and testing, use one of these methods:

Option 1: Direct execution

# Run the installer directly from the project directory
node bin/add-skill.js

# Or use npx with a local path
npx /path/to/solidity-agent-skills

Option 2: npm link

# From the project root, create a global symlink
npm link

# Now you can run the command globally
solidity-agent-skills

# To unlink when done
npm unlink -g solidity-agent-skills

Dev Mode

When developing the installer itself:

# Run with Node directly to see full error output
node bin/add-skill.js

# Or with the --help flag to verify CLI setup
node bin/add-skill.js --help

Contributing

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Update or add skills (ensure accuracy and test examples)
  4. Submit a pull request with a clear description

Skill Format

Each skill follows the Agent Skills format:

skills/
└── skill-name/
    ├── SKILL.md          # Main instructions (with YAML frontmatter)
    └── references/       # Supporting docs (optional)

Quality Guidelines

  • All code examples should be syntactically correct
  • Include both ✅ good and ❌ bad examples where helpful
  • Keep explanations concise but complete
  • Test that patterns work with current Solidity versions (0.8.x)

Project Structure

solidity-agent-skills/
├── bin/
│   └── add-skill.js      # CLI installer
├── skills/
│   ├── solidity-style/   # Style and patterns skill
│   ├── solidity-security/# Security skill
│   └── solidity-gas/     # Gas optimization skill
├── package.json
└── README.md

License

MIT