angus-bounty-hunter
Automated smart contract bug bounty hunting. Scans Immunefi/Code4rena targets with Slither static analysis, triages findings with local LLMs, and generates P...
Install via ClawdBot CLI:
clawdbot install chipp11/angus-bounty-hunter
Grade Limited — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Calls external URL not in known-safe list
http://127.0.0.1:11434/api/tags
Audited Apr 17, 2026 · audit v1.0
Generated Mar 21, 2026
Security researchers use this skill to automate vulnerability scanning in active bug bounty programs on platforms like Immunefi and Code4rena. It helps identify potential high-severity issues in Solidity contracts by running static analysis with Slither, triaging findings locally to save costs, and generating PoC templates for efficient reporting.
Development teams or solo auditors leverage this tool to perform preliminary security checks on their own Solidity codebases before formal audits. It streamlines the process by focusing on flagged vulnerabilities, reducing manual code review time and helping prioritize fixes based on severity levels.
Instructors or students in cybersecurity courses use this skill to teach static analysis techniques and smart contract vulnerability identification. It provides hands-on experience with real-world tools like Slither and local LLMs, enabling practical learning without high API costs.
DeFi project maintainers integrate this skill into their CI/CD pipelines to regularly scan for new vulnerabilities as code is updated. It helps ensure ongoing security compliance by automating scans on GitHub repos, triaging findings, and alerting teams to potential risks before deployment.
Offer the core scanning and triage functionality for free to attract users, then charge for advanced features like automated PoC generation, integration with cloud LLMs for deeper analysis, or priority support. Revenue comes from subscription fees for teams and enterprises needing enhanced capabilities.
Provide paid consulting services to help organizations set up and customize the skill for their specific smart contract environments. This includes tailoring scan parameters, integrating with existing security workflows, and offering training sessions, generating revenue through project-based fees or hourly rates.
Partner with platforms like Immunefi or Code4rena to promote the skill to their user base, earning commissions on successful bug bounty submissions facilitated by the tool. Revenue is generated through referral fees or revenue-sharing agreements based on payout amounts from found vulnerabilities.
💬 Integration Tip
Ensure all dependencies like slither-analyzer and solc-select are correctly installed via pip, and use Ollama for local LLM triage to minimize API costs while maintaining efficiency in the workflow.
Scored Apr 19, 2026
Perform network reconnaissance and port scanning with Nmap to find open ports, detect services, identify vulnerabilities, and enumerate targets accurately.
Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.
Security engineering toolkit for threat modeling, vulnerability analysis, secure architecture, and penetration testing. Includes STRIDE analysis, OWASP guida...
Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
Test your AI agent for security vulnerabilities using PwnClaw. Runs 50+ attacks (prompt injection, jailbreaks, social engineering, MCP poisoning, and more) and provides fix instructions. Use when your agent needs a security check or hardening.