Name: Solidity Guardian
Author: openclaw

Search skills.../

Solidity Guardian | Skills Pool

ID	Vulnerability	Description
SG-010	Missing access control	Public functions that should be restricted
SG-011	Unchecked transfer	ERC20 transfer without return check
SG-012	Integer overflow	Arithmetic without SafeMath (pre-0.8)
SG-013	tx.origin auth	Using tx.origin for authentication
SG-014	Weak randomness	block.timestamp/blockhash for randomness
SG-015	Unprotected withdrawal	Withdrawal without ownership check
SG-016	Unchecked low-level call	.call() without success check
SG-017	Dangerous equality	Strict balance check (manipulable)
SG-018	Deprecated functions	suicide, sha3, throw, callcode
SG-019	Wrong constructor	Function name matches contract

ID	Vulnerability	Description
SG-020	Floating pragma	Non-pinned Solidity version
SG-021	Missing zero check	No validation for zero address
SG-022	Timestamp dependence	Logic depends on block.timestamp
SG-023	DoS with revert	Loop with external call can revert
SG-024	Front-running risk	Predictable state changes

ID	Vulnerability	Description
SG-030	Missing events	State changes without events
SG-031	Magic numbers	Hardcoded values without constants
SG-032	Implicit visibility	Functions without explicit visibility
SG-033	Large contract	Contract exceeds size recommendations
SG-034	Missing NatSpec	Public functions without documentation

const { analyzeContract } = require('./analyzer');

const results = await analyzeContract('contracts/Token.sol');
console.log(results.findings);

const results = await analyzeContract('contracts/Vault.sol', {
  includeFixes: true,
  severity: ['critical', 'high']
});

for (const finding of results.findings) {
  console.log(`[${finding.severity}] ${finding.title}`);
  console.log(`  Line ${finding.line}: ${finding.description}`);
  console.log(`  Fix: ${finding.suggestion}`);
}

const { generateReport } = require('./reporter');

const report = await generateReport('./contracts/', {
  format: 'markdown',
  includeGas: true,
  includeBestPractices: true
});

fs.writeFileSync('SECURITY_AUDIT.md', report);

# Combined analysis (auto-installs Slither if missing)
node skills/solidity-guardian/slither-integration.js ./contracts/ --install-slither

# Generate combined report
node skills/solidity-guardian/slither-integration.js . --format markdown --output AUDIT.md

# Guardian only (faster, no Slither dependency)
node skills/solidity-guardian/slither-integration.js ./contracts/ --guardian-only

# Slither only
node skills/solidity-guardian/slither-integration.js ./contracts/ --slither-only

// hardhat.config.js
require('./skills/solidity-guardian/hardhat-plugin');

// Run: npx hardhat guardian

# Add to CI
forge build
node skills/solidity-guardian/analyze.js ./src/

ID	Vulnerability	Description
SG-001	Reentrancy	External calls before state updates
SG-002	Unprotected selfdestruct	Missing access control on selfdestruct
SG-003	Delegatecall to untrusted

ID	Vulnerability	Description
SG-001	Reentrancy	External calls before state updates
SG-002	Unprotected selfdestruct	Missing access control on selfdestruct
SG-003	Delegatecall to untrusted

Solidity Guardian

Quick Start

What It Detects (40+ Patterns)

Critical (Must Fix)

Solidity Guardian

Quick Start

What It Detects (40+ Patterns)

Critical (Must Fix)

High (Should Fix)

Medium (Consider Fixing)

Low (Best Practice)

Usage Examples

Basic Analysis

With Fix Suggestions

Generate Report

Best Practices Checklist

Access Control

Reentrancy Prevention

Input Validation

Arithmetic Safety

Upgradeability (if applicable)

Slither Integration

Integration with Other Tools

Hardhat

Foundry

References

Defi Amm Security

Nodejs Keccak256

Syncable Entity Builder And Validation

Nft Standards

Solidity Security

Defi Protocol Templates