Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

apegurus/amm-dex

Name: amm-dex
Author: apegurus

skills/protocol-patterns/amm-dex/SKILL.md

npx skillsauth add apegurus/solidity-argus amm-dex

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

AMM (Automated Market Maker) Security Guide

Overview

AMMs (Uniswap, Curve, Balancer) enable permissionless token swaps via liquidity pools. Core security concerns: price manipulation, MEV, impermanent loss, and LP token accounting.

Architecture

┌─────────────────────────────────────────────────────────────┐
│                         AMM POOL                            │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│   x * y = k (Constant Product)                              │
│                                                             │
│   ┌─────────┐         ┌─────────┐                          │
│   │ Token A │ ◄─────► │ Token B │                          │
│   │ Reserve │         │ Reserve │                          │
│   └─────────┘         └─────────┘                          │
│        ▲                   ▲                                │
│        │                   │                                │
│   ┌─────────────────────────────┐                          │
│   │      LP Token Holders       │                          │
│   └─────────────────────────────┘                          │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Critical Security Areas

1. Price Manipulation

Attack Vectors:

Flash loan price manipulation
Sandwich attacks
JIT (Just-In-Time) liquidity

Checklist:

[ ] Is spot price used for anything critical? (Don't!)
[ ] Are there TWAP implementations? Are windows sufficient?
[ ] Can price be moved significantly in one transaction?
[ ] Is slippage protection enforced?

// VULNERABLE: Spot price for external use
function getPrice() external view returns (uint256) {
    return reserve1 * 1e18 / reserve0;  // Manipulatable!
}

// SECURE: Accumulator-based TWAP
function updateTWAP() internal {
    uint32 timeElapsed = block.timestamp - lastUpdate;
    if (timeElapsed > 0) {
        priceAccumulator += getSpotPrice() * timeElapsed;
        lastUpdate = block.timestamp;
    }
}

2. Slippage & MEV

Attack Vectors:

User sets 0 slippage tolerance
Sandwich attacks when slippage is high
Deadline not enforced

Checklist:

[ ] Is minAmountOut enforced?
[ ] Is deadline parameter checked?
[ ] Are there reasonable slippage bounds?
[ ] Is there MEV protection guidance for users?

// VULNERABLE: No deadline check
function swap(uint256 amountIn, uint256 minAmountOut) external {
    // Missing deadline check - tx can be held and executed later
}

// SECURE
function swap(
    uint256 amountIn, 
    uint256 minAmountOut,
    uint256 deadline
) external {
    require(block.timestamp <= deadline, "Expired");
    // ...
    require(amountOut >= minAmountOut, "Slippage");
}

3. LP Token Accounting

Attack Vectors:

First depositor inflation attack
LP token value manipulation
Donation attacks

Checklist:

[ ] Is first LP protected from inflation attack?
[ ] Are LP tokens calculated correctly with proper rounding?
[ ] Can direct token transfers manipulate LP value?
[ ] Is minimum liquidity locked (Uniswap pattern)?

// Uniswap V2 first deposit protection
uint256 public constant MINIMUM_LIQUIDITY = 1000;

function mint() external returns (uint256 liquidity) {
    uint256 _totalSupply = totalSupply;
    if (_totalSupply == 0) {
        liquidity = Math.sqrt(amount0 * amount1) - MINIMUM_LIQUIDITY;
        _mint(address(0), MINIMUM_LIQUIDITY);  // Lock minimum
    } else {
        liquidity = Math.min(
            amount0 * _totalSupply / _reserve0,
            amount1 * _totalSupply / _reserve1
        );
    }
}

4. Swap Calculations

Attack Vectors:

Rounding errors favoring trader
Fee bypass
Incorrect constant product maintenance

Checklist:

[ ] Is k always maintained or increasing (k_after ≥ k_before)?
[ ] Are fees correctly deducted?
[ ] Does rounding favor the pool?
[ ] Are there precision issues with small amounts?

// VULNERABLE: k can decrease due to rounding
function swap(uint256 amountIn, uint256 amountOut) external {
    // ... transfer tokens ...
    require(reserve0 * reserve1 >= k, "Invalid k");  // Should be >=
}

5. Reentrancy in Swaps

Attack Vectors:

Callback reentrancy (flash swaps)
ERC777/hooks during transfer

Checklist:

[ ] Is reentrancy guard in place?
[ ] Are state updates before external calls?
[ ] Are callbacks properly restricted?
[ ] Is there ERC777 token support? If so, is it safe?

AMM-Specific Vulnerabilities

Curve: Read-Only Reentrancy

// Curve's virtual_price can be manipulated during reentrancy
// Attack: Enter pool → in callback, read virtual_price → it's wrong

// VULNERABLE: Reading Curve virtual_price during callback
function deposit(uint256 amount) external {
    uint256 price = curvePool.get_virtual_price();  // Can be manipulated
    uint256 value = amount * price / 1e18;
}

Uniswap V3: Concentrated Liquidity

Additional concerns:

Tick manipulation
Position NFT security
Fee calculation across ticks

Balancer: Weighted Pools

Additional concerns:

Weight manipulation in managed pools
Complex math (power functions)
Multiple token interactions

Testing Checklist

Unit Tests

[ ] Swap calculations match expected output
[ ] LP mint/burn accounting
[ ] Fee collection accurate
[ ] Slippage enforcement

Integration Tests

[ ] Multi-hop swaps
[ ] Flash swap callbacks
[ ] Oracle integrations

Invariant Tests

[ ] k_after ≥ k_before (constant product)
[ ] Sum of LP tokens = totalSupply
[ ] Reserves match actual balances
[ ] No tokens created from nothing

Attack Simulations

[ ] Sandwich attack simulation
[ ] Flash loan manipulation
[ ] First depositor attack

References

Uniswap V2 Core
Uniswap V3 Security
Curve Read-Only Reentrancy
Balancer V2 Security

apegurus/amm-dex

skills/protocol-patterns/amm-dex/SKILL.md

AMM and DEX security patterns covering pricing, LP accounting, MEV, and swap invariants.

testing

Updated May 13, 2026

$ install --global

skillsauth

npx skillsauth add apegurus/solidity-argus amm-dex

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 13, 2026, 3:23 AM124.5s1 file scanned

SKILL.md

name:: amm-dex
description:: AMM and DEX security patterns covering pricing, LP accounting, MEV, and swap invariants.
category:: protocol-pattern
source_url:: https://github.com/DeFiFoFum/fofum-solidity-skills
source_license:: MIT
imported_at:: 2025-01-15T00:00:00Z

AMM (Automated Market Maker) Security Guide

Overview

AMMs (Uniswap, Curve, Balancer) enable permissionless token swaps via liquidity pools. Core security concerns: price manipulation, MEV, impermanent loss, and LP token accounting.

Architecture

┌─────────────────────────────────────────────────────────────┐
│                         AMM POOL                            │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│   x * y = k (Constant Product)                              │
│                                                             │
│   ┌─────────┐         ┌─────────┐                          │
│   │ Token A │ ◄─────► │ Token B │                          │
│   │ Reserve │         │ Reserve │                          │
│   └─────────┘         └─────────┘                          │
│        ▲                   ▲                                │
│        │                   │                                │
│   ┌─────────────────────────────┐                          │
│   │      LP Token Holders       │                          │
│   └─────────────────────────────┘                          │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Critical Security Areas

1. Price Manipulation

Attack Vectors:

Flash loan price manipulation
Sandwich attacks
JIT (Just-In-Time) liquidity

Checklist:

[ ] Is spot price used for anything critical? (Don't!)
[ ] Are there TWAP implementations? Are windows sufficient?
[ ] Can price be moved significantly in one transaction?
[ ] Is slippage protection enforced?

// VULNERABLE: Spot price for external use
function getPrice() external view returns (uint256) {
    return reserve1 * 1e18 / reserve0;  // Manipulatable!
}

// SECURE: Accumulator-based TWAP
function updateTWAP() internal {
    uint32 timeElapsed = block.timestamp - lastUpdate;
    if (timeElapsed > 0) {
        priceAccumulator += getSpotPrice() * timeElapsed;
        lastUpdate = block.timestamp;
    }
}

2. Slippage & MEV

Attack Vectors:

User sets 0 slippage tolerance
Sandwich attacks when slippage is high
Deadline not enforced

Checklist:

[ ] Is minAmountOut enforced?
[ ] Is deadline parameter checked?
[ ] Are there reasonable slippage bounds?
[ ] Is there MEV protection guidance for users?

// VULNERABLE: No deadline check
function swap(uint256 amountIn, uint256 minAmountOut) external {
    // Missing deadline check - tx can be held and executed later
}

// SECURE
function swap(
    uint256 amountIn, 
    uint256 minAmountOut,
    uint256 deadline
) external {
    require(block.timestamp <= deadline, "Expired");
    // ...
    require(amountOut >= minAmountOut, "Slippage");
}

3. LP Token Accounting

Attack Vectors:

First depositor inflation attack
LP token value manipulation
Donation attacks

Checklist:

[ ] Is first LP protected from inflation attack?
[ ] Are LP tokens calculated correctly with proper rounding?
[ ] Can direct token transfers manipulate LP value?
[ ] Is minimum liquidity locked (Uniswap pattern)?

// Uniswap V2 first deposit protection
uint256 public constant MINIMUM_LIQUIDITY = 1000;

function mint() external returns (uint256 liquidity) {
    uint256 _totalSupply = totalSupply;
    if (_totalSupply == 0) {
        liquidity = Math.sqrt(amount0 * amount1) - MINIMUM_LIQUIDITY;
        _mint(address(0), MINIMUM_LIQUIDITY);  // Lock minimum
    } else {
        liquidity = Math.min(
            amount0 * _totalSupply / _reserve0,
            amount1 * _totalSupply / _reserve1
        );
    }
}

4. Swap Calculations

Attack Vectors:

Rounding errors favoring trader
Fee bypass
Incorrect constant product maintenance

Checklist:

[ ] Is k always maintained or increasing (k_after ≥ k_before)?
[ ] Are fees correctly deducted?
[ ] Does rounding favor the pool?
[ ] Are there precision issues with small amounts?

// VULNERABLE: k can decrease due to rounding
function swap(uint256 amountIn, uint256 amountOut) external {
    // ... transfer tokens ...
    require(reserve0 * reserve1 >= k, "Invalid k");  // Should be >=
}

5. Reentrancy in Swaps

Attack Vectors:

Callback reentrancy (flash swaps)
ERC777/hooks during transfer

Checklist:

[ ] Is reentrancy guard in place?
[ ] Are state updates before external calls?
[ ] Are callbacks properly restricted?
[ ] Is there ERC777 token support? If so, is it safe?

AMM-Specific Vulnerabilities

Curve: Read-Only Reentrancy

// Curve's virtual_price can be manipulated during reentrancy
// Attack: Enter pool → in callback, read virtual_price → it's wrong

// VULNERABLE: Reading Curve virtual_price during callback
function deposit(uint256 amount) external {
    uint256 price = curvePool.get_virtual_price();  // Can be manipulated
    uint256 value = amount * price / 1e18;
}

Uniswap V3: Concentrated Liquidity

Additional concerns:

Tick manipulation
Position NFT security
Fee calculation across ticks

Balancer: Weighted Pools

Additional concerns:

Weight manipulation in managed pools
Complex math (power functions)
Multiple token interactions

Testing Checklist

Unit Tests

[ ] Swap calculations match expected output
[ ] LP mint/burn accounting
[ ] Fee collection accurate
[ ] Slippage enforcement

Integration Tests

[ ] Multi-hop swaps
[ ] Flash swap callbacks
[ ] Oracle integrations

Invariant Tests

[ ] k_after ≥ k_before (constant product)
[ ] Sum of LP tokens = totalSupply
[ ] Reserves match actual balances
[ ] No tokens created from nothing

Attack Simulations

[ ] Sandwich attack simulation
[ ] Flash loan manipulation
[ ] First depositor attack

References

Uniswap V2 Core
Uniswap V3 Security
Curve Read-Only Reentrancy
Balancer V2 Security

Related Skills

apegurus/vector-scan

testing

VerifiedTrustedCommunity

Specialist profile for mechanically applying the attack-vector deck and classifying vectors as skip, drop, or investigate.

SKILL.mdUpdated May 30, 2026

apegurus/periphery

tools

VerifiedTrustedCommunity

Specialist profile for libraries, helpers, base contracts, adapters, encoders, wrappers, and integration glue.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

testing

VerifiedTrustedCommunity

Specialist profile for rounding, scale, decimal, downcast, and arithmetic accounting edge cases.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

apegurus/invariant

testing

VerifiedTrustedCommunity

Specialist profile for extracting conservation laws and state couplings, then searching for violating paths.

SKILL.mdUpdated May 30, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/apegurus/solidity-argus.git

# Copy into Claude Code skills folder (global)
cp -r solidity-argus/skills/protocol-patterns/amm-dex ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

apegurus/solidity-argus

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT