Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

apegurus/uninitialized-storage-pointer

Name: uninitialized-storage-pointer
Author: apegurus

skills/vulnerability-patterns/uninitialized-storage-pointer/SKILL.md

npx skillsauth add apegurus/solidity-argus uninitialized-storage-pointer

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Uninitialized Storage Pointer

Preconditions

Solidity version <0.5.0
Local variables of complex types (structs, arrays) are declared without an explicit storage or memory data location
The variable defaults to storage, pointing to slot 0

Vulnerable Pattern

// Solidity <0.5.0 only
pragma solidity ^0.4.24;

contract Registry {
    address public owner;      // Stored in slot 0
    uint256 public totalUsers; // Stored in slot 1

    struct User {
        address addr;
        uint256 balance;
    }

    User[] public users;

    function addUser(address _addr, uint256 _balance) external {
        // No data location specified — defaults to storage
        // Points to slot 0 (owner) and slot 1 (totalUsers)
        User u;        // u.addr aliases slot 0 (owner)
        u.addr = _addr;    // Overwrites owner!
        u.balance = _balance; // Overwrites totalUsers!
        users.push(u);
    }
}

Detection Heuristics

Check the Solidity version: if >=0.5.0, this vulnerability is impossible (compiler requires explicit data location)
For <0.5.0: search for local struct or array variable declarations without storage or memory keyword
If a local variable of a complex type has no data location, it defaults to storage at slot 0 — writes to it overwrite the first state variables
Check which state variables occupy slots 0, 1, 2, etc. — these are the ones at risk of overwrite
Look for struct field assignments on local variables that could alias storage

False Positives

Solidity >=0.5.0 (compiler enforces explicit data location — this can't happen)
The variable is explicitly declared as memory (e.g., User memory u)
The variable is explicitly declared as storage and intentionally points to a known storage location

Remediation

Upgrade to Solidity >=0.5.0 where explicit data locations are compiler-enforced
For legacy contracts, add explicit memory or storage to all local complex-type declarations

function addUser(address _addr, uint256 _balance) external {
    User memory u;         // Explicit memory — no storage aliasing
    u.addr = _addr;
    u.balance = _balance;
    users.push(u);
}

apegurus/uninitialized-storage-pointer

skills/vulnerability-patterns/uninitialized-storage-pointer/SKILL.md

- Solidity version <0.5.0

data-ai

Updated May 13, 2026

$ install --global

skillsauth

npx skillsauth add apegurus/solidity-argus uninitialized-storage-pointer

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: May 13, 2026, 3:32 AM160.4s1 file scanned

SKILL.md

name:: uninitialized-storage-pointer
description:: Storage data-location usage that may indicate legacy pointer hazards
pattern_category:: logic-error
- regex:: storage\b
severity:: Low
confidence:: Low
swc:: SWC-109

Uninitialized Storage Pointer

Preconditions

Solidity version <0.5.0
Local variables of complex types (structs, arrays) are declared without an explicit storage or memory data location
The variable defaults to storage, pointing to slot 0

Vulnerable Pattern

// Solidity <0.5.0 only
pragma solidity ^0.4.24;

contract Registry {
    address public owner;      // Stored in slot 0
    uint256 public totalUsers; // Stored in slot 1

    struct User {
        address addr;
        uint256 balance;
    }

    User[] public users;

    function addUser(address _addr, uint256 _balance) external {
        // No data location specified — defaults to storage
        // Points to slot 0 (owner) and slot 1 (totalUsers)
        User u;        // u.addr aliases slot 0 (owner)
        u.addr = _addr;    // Overwrites owner!
        u.balance = _balance; // Overwrites totalUsers!
        users.push(u);
    }
}

Detection Heuristics

Check the Solidity version: if >=0.5.0, this vulnerability is impossible (compiler requires explicit data location)
For <0.5.0: search for local struct or array variable declarations without storage or memory keyword
If a local variable of a complex type has no data location, it defaults to storage at slot 0 — writes to it overwrite the first state variables
Check which state variables occupy slots 0, 1, 2, etc. — these are the ones at risk of overwrite
Look for struct field assignments on local variables that could alias storage

False Positives

Solidity >=0.5.0 (compiler enforces explicit data location — this can't happen)
The variable is explicitly declared as memory (e.g., User memory u)
The variable is explicitly declared as storage and intentionally points to a known storage location

Remediation

Upgrade to Solidity >=0.5.0 where explicit data locations are compiler-enforced
For legacy contracts, add explicit memory or storage to all local complex-type declarations

function addUser(address _addr, uint256 _balance) external {
    User memory u;         // Explicit memory — no storage aliasing
    u.addr = _addr;
    u.balance = _balance;
    users.push(u);
}

Related Skills

apegurus/vector-scan

testing

VerifiedTrustedCommunity

Specialist profile for mechanically applying the attack-vector deck and classifying vectors as skip, drop, or investigate.

SKILL.mdUpdated May 30, 2026

apegurus/periphery

tools

VerifiedTrustedCommunity

Specialist profile for libraries, helpers, base contracts, adapters, encoders, wrappers, and integration glue.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

testing

VerifiedTrustedCommunity

Specialist profile for rounding, scale, decimal, downcast, and arithmetic accounting edge cases.

SKILL.mdUpdated May 30, 2026

apegurus/math-precision

apegurus/invariant

testing

VerifiedTrustedCommunity

Specialist profile for extracting conservation laws and state couplings, then searching for violating paths.

SKILL.mdUpdated May 30, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/apegurus/solidity-argus.git

# Copy into Claude Code skills folder (global)
cp -r solidity-argus/skills/vulnerability-patterns/uninitialized-storage-pointer ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

apegurus/solidity-argus

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT