簡介
For Developers
The security handbook for Uniswap V4 hook developers — find and fix known vulnerabilities before you ship.
- Documents vulnerability patterns specific to V4 hook contracts: reentrancy, permission flag misuse, callback manipulation
- Concrete mitigations for each pattern, not just descriptions
- Pre-deployment audit checklist to assess risk before engaging an external auditor
SKILL.md
Uniswap V4 Security Foundations
A security-first reference for Solidity developers building custom hooks on Uniswap V4.
Prerequisites
claude plugin add @uniswap/uniswap-hooksornpx skills add Uniswap/uniswap-aiinstalled- An existing or in-progress V4 hook contract to review
When to Use This Skill
Use this skill when the user:
- Is actively developing a custom hook on Uniswap V4
- Wants a security review of their hook contract code
- Asks about V4-specific attack surfaces, vulnerabilities, or audit requirements
- Needs a pre-deployment checklist before going to production or submitting for external audit
What is Uniswap V4 Security Foundations?
This is a reference skill — it provides AI-assisted code review and a vulnerability pattern catalog specifically for V4 hook development. V4 hooks interact with the Uniswap pool at the lowest level, which introduces attack surfaces that don't exist in standard contracts. This skill documents the known patterns — reentrancy vectors, improper permission flag usage, callback manipulation — along with concrete, V4-specific mitigations and Solidity best practices. It also provides a structured pre-deployment checklist so developers can systematically assess their hook's security posture before engaging an external auditor or going live.
Key usage:
- Paste or describe your hook and the skill identifies applicable vulnerability patterns
- Generate a security checklist tailored to your specific hook implementation
- Review V4 audit requirements before submitting for external review