Expert integration with the Slither static analyzer for smart contract vulnerability detection, code quality analysis, and security reporting. Supports all Slither detectors and custom analysis configurations.
Expert-level integration with Slither, the leading static analysis framework for Solidity smart contracts.
```bash
# Install via pip
pip install slither-analyzer

# Or via pipx for isolation
pipx install slither-analyzer

# Verify installation
slither --version
```

```bash
# Analyze single file
slither Contract.sol

# Analyze Foundry project
slither . --foundry-compile-all

# Analyze Hardhat project
slither . --hardhat-compile-all
```

```bash
# Human readable (default)
slither .

# JSON output for processing
slither . --json output.json

# Markdown report
slither . --checklist

# SARIF for CI integration
slither . --sarif output.sarif
```

| Detector | Description |
|---|---|
| reentrancy-eth | Reentrancy with ETH transfer |
| reentrancy-no-eth | Reentrancy without ETH |
| arbitrary-send-eth | Arbitrary ETH send |
| controlled-delegatecall | Controlled delegatecall |
| suicidal | Functions allowing anyone to destruct |
| uninitialized-storage | Uninitialized storage variables |

| Detector | Description |
|---|---|
| reentrancy-benign | Benign reentrancy |
| incorrect-equality | Dangerous strict equality |
| locked-ether | Contracts that lock ether |
| missing-zero-check | Missing zero address validation |
| unchecked-transfer | Unchecked token transfers |

| Detector | Description |
|---|---|
| naming-convention | Naming convention violations |
| external-function | Functions that could be external |
| constable-states | State variables that could be constant |
| immutable-states | State variables that could be immutable |

```json
{
  "detectors_to_run": "all",
  "exclude_informational": false,
  "exclude_low": false,
  "exclude_medium": false,
  "exclude_high": false,
  "exclude_optimization": false,
  "fail_on": "high,medium",
  "filter_paths": [
    "node_modules",
    "lib",
    "test"
  ],
  "exclude_dependencies": true,
  "legacy_ast": false
}
```
```bash
# Run specific detectors
slither . --detect reentrancy-eth,uninitialized-storage

# Exclude detectors
slither . --exclude naming-convention,external-function

# Filter by severity
slither . --exclude-informational --exclude-low

# Exclude specific paths
slither . --filter-paths "test|lib|node_modules"
```
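
An added example (not part of Slither or of the original page) showing how the `--json` report can be post-processed in CI using the same severity and path choices as the settings above. The sample report is constructed, `gate` and its defaults are hypothetical names, and the path match only approximates Slither's own `--filter-paths` handling.

```python
import json
import re

# Constructed sample in the shape written by `slither . --json output.json`:
# a top-level success/error pair and results.detectors[*] findings.
SAMPLE_REPORT = json.dumps({
    "success": True, "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
         "elements": [{"source_mapping": {"filename_relative": "src/Vault.sol"}}]},
        {"check": "unchecked-transfer", "impact": "High", "confidence": "Medium",
         "elements": [{"source_mapping": {
             "filename_relative": "lib/forge-std/src/Mock.sol"}}]},
        {"check": "missing-zero-check", "impact": "Low", "confidence": "Medium",
         "elements": [{"source_mapping": {"filename_relative": "src/Vault.sol"}}]},
        {"check": "naming-convention", "impact": "Informational",
         "confidence": "High", "elements": []},
    ]},
})


def gate(report_text, fail_on=("High", "Medium"),
         filter_paths="test|lib|node_modules"):
    """Split findings into (blocking, ignored); blocking ones fail the build."""
    report = json.loads(report_text)
    if not report.get("success"):
        # A failed or partial run must never be mistaken for a clean one.
        raise RuntimeError(f"slither did not complete: {report.get('error')}")
    skip = re.compile(filter_paths)
    blocking, ignored = [], []
    for finding in report.get("results", {}).get("detectors", []):
        files = [e.get("source_mapping", {}).get("filename_relative", "")
                 for e in finding.get("elements", [])]
        first_party = sorted({f for f in files if f and not skip.search(f)})
        summary = (finding["impact"], finding["check"], first_party)
        # Block only on the selected severities that touch first-party code.
        if finding["impact"] in fail_on and first_party:
            blocking.append(summary)
        else:
            ignored.append(summary)
    return blocking, ignored


if __name__ == "__main__":
    blocking, _ = gate(SAMPLE_REPORT)
    for impact, check, files in blocking:
        print(f"[{impact}] {check}: {', '.join(files)}")
    raise SystemExit(1 if blocking else 0)
```
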
```bash
# Generate call graph
slither . --print call-graph

# Generate inheritance graph
slither . --print inheritance-graph

# Generate contract summary
slither . --print contract-summary

# Print function summaries
slither . --print function-summary

# Print variable order (storage layout)
slither . --print variable-order

# Print data dependency
slither . --print data-dependency
```
```python
# custom_detector.py
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification


class MyCustomDetector(AbstractDetector):
    # Detector name as passed on the command line, plus its help text
    ARGUMENT = "my-detector"
    HELP = "Detect my custom issue"
    IMPACT = DetectorClassification.HIGH
    CONFIDENCE = DetectorClassification.HIGH

    # Documentation fields shown in reports
    WIKI = "https://example.com/my-detector"
    WIKI_TITLE = "My Custom Detector"
    WIKI_DESCRIPTION = "Detects..."
    WIKI_EXPLOIT_SCENARIO = "..."
    WIKI_RECOMMENDATION = "..."

    def _has_issue(self, function):
        # Placeholder predicate: replace with the real check for the issue.
        return False

    def _detect(self):
        results = []
        for contract in self.compilation_unit.contracts_derived:
            for function in contract.functions:
                # Detection logic
                if self._has_issue(function):
                    info = [function, " has an issue\n"]
                    results.append(self.generate_result(info))
        return results
```