A structured 7-stage audit using an orchestrator + subagent architecture for security auditing of blockchain node implementations. Covers execution clients, consensus clients, app-chain SDKs, bridges, and any codebase with P2P networking or consensus logic.

## Pipeline

1. **Setup**— creates output directories, records audit parameters
2. **Recon**— maps codebase structure, entry points, trust boundaries, and applicable patterns
3. **Hunt**— parallel subagents analyze assigned subsystems against 20 vulnerability pattern families
4. **Cross-subsystem**— traces trust boundary mismatches at subsystem call sites
5. **Validation**— deduplicates findings, applies severity override rules
6. **Adversarial review [deep]**— Red Team / Blue Team / Judge protocol for HIGH+ findings
7. **Report**— consolidated report from disk state

## Knowledge Base

– **20 vulnerability pattern families** covering input validation, consensus correctness, resource exhaustion, memory safety, concurrency, serialization, and more
– **7 structured analysis lenses** for systematically examining code at trust boundaries
– **Heuristic strategies** for finding bugs that patterns alone won’t catch

## Track Record

– $1K earned on Immunefi (1 Medium finding)
– Independently discovered a vulnerability in rippled (XRP Ledger), officially acknowledged and patched

## Scope

– Execution clients (go-ethereum, Erigon, Reth, Nethermind, Besu)
– Consensus clients (Lighthouse, Prysm, Teku, Nimbus, Lodestar)
– App-chain SDKs (Cosmos SDK, Substrate, CometBFT)
– Bridge and relayer codebases

## Install

“`
Install skill https://github.com/DarkNavySecurity/web3-skills/
“`

## Usage

“`
/client-auditor . # Audit current repo /client-auditor ./node # Audit subdirectory /client-auditor . deep # Full deep audit
“`