Crypto Smart Contract Auditor — 36 AI Prompts for Web3 Bug Hunters
# 36 Production-Ready AI Prompts for Smart Contract AuditorsBuilt by an active Immunefi + Cantina bug bounty hunter. Tested on real audit findings.Stop staring at Solidity contracts for hours. Drop in these battle-tested prompts and let AI do the heavy first-pass — then you focus on what matters: finding the critical bugs.---## 🎯 What You Get36 system prompts that turn Claude, GPT-4, or DeepSeek into a specialized smart contract security auditor covering:✅ Reentrancy & access control (5 prompts)✅ Arithmetic & precision exploits (4 prompts)✅ Oracle manipulation — Chainlink, Uniswap TWAP, flash loans (5 prompts)✅ Gas griefing & DoS (3 prompts)✅ Signature cryptography — ECDSA, EIP-712, Merkle (4 prompts)✅ DeFi-specific patterns — lending, AMM, liquidation (5 prompts)✅ Proxy upgradeability (3 prompts)✅ Audit workflow automation — PoC generator, severity rater, report writer (4 prompts)✅ BONUS: Cross-chain bridges, NFT royalties, governance attacks (3 prompts)---## 💡 Why These Prompts WorkEvery prompt is structured to produce real, actionable output:- ✅ Specific role definition — auditor specialized in the vulnerability class- ✅ Output format specified — severity rating, code location, PoC, fix- ✅ Constraints to prevent hallucination — "only report real vulnerabilities"- ✅ Working PoC requirement — not just theoretical, but reproducible Foundry tests- ✅ Real-world examples — Cream, Wormhole, Ronin, Euler references---## 🚀 How To Use1. Open Claude (recommended) or GPT-42. Copy the prompt you need3. Replace {{contract_code}} with the contract you're auditing4. Get back structured audit findings in secondsExample: Paste "Reentrancy Detector" prompt + your contract → Get critical/high/medium findings with line numbers, attack scenarios, PoC code, and fix diffs.---## 👤 Who This Is For- 🐛 Bug bounty hunters on Immunefi, Cantina, HackerOne- 🔍 Smart contract auditors at firms- 🛡️ Protocol security engineers- 💼 Web3 developers who want to ship safer code- 🎓 Security researchers learning Solidity auditing---## 👨💻 About the Authorvergavalle — active Web3 whitehat with critical and high findings across DeFi protocols.- Specialization: DeFi lending, liquidation logic, oracle manipulation- Twitter: @anangjunam---## 📦 What's Included- 36 prompts in clean markdown- Copy-paste ready with {{variables}}- Works with Claude, GPT-4, DeepSeek, Gemini- Lifetime updates- Private Discord access (Q&A)---## ❓ FAQQ: Which LLM works best?A: Claude Sonnet 4 recommended (best code understanding). GPT-4 and DeepSeek also work.Q: Do I need to know Solidity?A: Yes — these prompts assist an auditor, they don't replace one. You should understand the output.Q: Will these find every bug?A: No — they're for first-pass triage. Always combine with manual review and Slither/Mythril.Q: Can I use these for client work?A: Yes, single-seat license covers your consulting work.Q: Refund policy?A: 7-day money-back if not satisfied. Email through Gumroad.---## ⚠️ DisclaimerThese prompts are tools, not guarantees. Always verify findings manually. Not responsible for missed bugs or false positives.
Get it → vergaaihergent.gumroad.com