Skills / Engineering / Solana Vulnerability Scanner

Solana Vulnerability Scanner

Scan Solana programs for 6 critical vulnerability classes including arbitrary CPI, improper PDA validation, missing signer and ownership checks, and sysvar spoofing. Tuned for Solana and Anchor programs.

Solana's account model creates security pitfalls that don't exist on the EVM. This skill scans Anchor and native Solana programs for the highest-impact bug classes — arbitrary CPI, missing signer/owner checks, weak PDA validation, and sysvar spoofing — and explains the fix for each.

security solana web3 smart-contracts anchor

When to use

Use when auditing or reviewing Solana/Anchor programs for the most common critical vulnerabilities before deploying on-chain.

Examples

Audit an Anchor program

Scan for the 6 critical bug classes

Scan this Anchor program for arbitrary CPI, missing signer checks, and PDA validation issues

Check account validation

Find missing ownership checks

Review these Solana instructions for missing owner and signer validation
Added to wishlist