Uniswap V4 Hooks — Security Guide

Trust Score 83/100

Guides secure development, review, and auditing of Uniswap v4 hook contracts with threat models, permission guidance, and safe templates.

triggers:uniswapv4hookbeforeSwapafterSwapPoolManagerhook permissions

GitHub SKILL.md

What it does

Provides a comprehensive security-focused assistant for developing and auditing Uniswap v4 hook contracts. Covers threat modelling, permission flags, delta accounting, access control patterns, common vulnerability patterns, testing recommendations, and a secure base hook template. Includes examples of dangerous patterns and defensive coding practices.

When to use it

Activate when working on Uniswap v4 hook development, reviewing hook contracts, performing security audits, or implementing custom AMM logic that uses hooks. Trigger on keywords like uniswap, v4, hook, PoolManager, beforeSwap, afterSwap, or when the user invokes /uniswap-v4-hooks.

What's included

Scripts: none detected (has_scripts=false)
References: none embedded (has_references=false)
Instructions: detailed security checklist, implementation templates, Solidity code examples, testing and fuzzing recommendations, and common vulnerability patterns to avoid (e.g., beforeSwapReturnDelta rug pulls).

Compatible agents

Best used by code-review and security-focused agents capable of reading Solidity and recommending secure patterns.

Audit Summary

Pure reference skill for secure Uniswap V4 hook development. No scripts to execute. SKILL.md is a thorough security guide covering threat models, dangerous patterns (beforeSwapReturnDelta rug pull vector), access control, delta accounting, and deployment checklists. Well-written with clear GOOD/BAD code examples and risk scoring framework.

Watch Out

Links to external GitHub repos (fewwwww/awesome-uniswap-hooks, hensha256/hook-mine-and-sinker) without integrity checks
No executable scripts — purely informational
Niche audience limited to Solidity developers working with Uniswap V4

Notes

Contains example malicious code (NoOp rug pull) clearly labeled as MALICIOUS EXAMPLE - DO NOT USE for educational purposes. This is appropriate for a security guide. No security concerns with the skill itself.

Information

Repository: uniswapv4-hooks-skill
Stars: 15
Installs: 0

Trust Score

Overall83

Security92

Code Quality78

Architecture68

Usefulness72

Related Skills

Development Worktree

Create an isolated git worktree for feature work, auto-run project setup, and verify a clean test baseline before development.

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Full Stack Builder

End-to-end builder that scaffolds, implements, tests, and optionally deploys web and API applications from a natural-language specification.

Claw Bench

Benchmarking skill that guides an agent through a structured suite of capability tests and reporting steps for leaderboard submission.

Antigravity EVM Hardhat (incomplete)

Template/demo skill: EVM Hardhat config — SKILL.md missing or empty.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Back to Skills