- Anthropic updated its AI coding tool to give developers full desktop access through the new CoWork feature.
- Developers are using Claude to perform “vibe audits” of smart contracts, outsourcing some auditing tasks to AI skills.
- Trail of Bits published Claude skills for smart-contract checks, including a spec-to-code compliance tool and a pattern-based variant scanner (both on GitHub).
- The tools can scan for common vulnerabilities but are incomplete; Trail of Bits warns that AI checks are error-prone and recommends manual review.
- Skills and plugins are available in the Claude Code/skills repositories and aim to help developers find design flaws and bug variants before deployment.
Anthropic‘s AI development environment added a feature called CoWork that gives developers full desktop access. Developers are already using Claude to run automated audits of blockchain smart contracts, a practice sometimes called “vibe auditing.”
Smart contracts are blockchain programs that automatically execute agreements when conditions are met; they control large sums of digital assets and remain prone to hacks, according to usage charts showing ongoing incidents (see https://www.web3isgoinggreat.com/charts/top). Developers and researchers now use Claude skills to find common problems before deployment.
Security firm Trail of Bits published several Claude skills on GitHub. One skill checks contracts for compliance with whitepapers or design documents; the developer described it as, “Use this skill when you need to audit smart contracts against whitepapers or design documents.” The skill is available at https://github.com/trailofbits/skills/tree/main/plugins/spec-to-code-compliance.
Another Trail of Bits skill scans for variants of known bugs using pattern-based analysis; the code is available at https://github.com/trailofbits/skills/tree/main/plugins/variant-analysis. A security researcher highlighted these tools on social media, writing, “🚨Claude Skills for Smart Contract Security are now here, all thanks to Trail of Bits” (see https://x.com/pashov/status/2011788622127665395).
The Claude skills can check for issues such as unsafe design patterns, compiler-induced timing problems, state-change entry points, and more. These checks automate parts of an audit; however, they do not guarantee safety. Trail of Bits documents that AI security checks are incomplete and prone to errors and repeatedly recommends manual, expert review before deploying contracts on public blockchains.
The new tooling is distributed openly on Trail of Bits’ repositories and aims to assist developers and security researchers in finding bugs earlier in the development process.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Publishers Sue to Block Google Over Pirated Books in AI Case
- Radix launches public Hyperscale test targeting 500k TPS now
- Vitalik: Web3 ‘decentralized renaissance’ finally arrives…
- 95% Win-Rate Bitcoin Whale Opens $96.0M 3x Long, Accumulates
- KBC to Offer Bitcoin and Ether Trading to Belgian Retail Feb
