A DFS-based AI security auditor for Solidity. The lead auditor reads code, builds a structured context map, extracts value-flow call paths, then delegates each path to a hunt agent for line-by-line depth-first analysis. Findings are merged, deduplicated, and validated.
Pipeline
- Reconnaissance — discover
.solfiles, resolve skill references, create temp dir - Context & Analysis — subagent builds context map + threat model + agent allocation plan
- Delegated Hunting — parallel hunt agents do DFS on assigned call paths
- Merge & Dedup — deduplicate findings, assess coverage against entry point census
- Adversarial [deep] — falsifier agent challenges every finding with source verification
- Report — severity-ranked findings + honest coverage summary
Design Philosophy
- Coverage, not constraint — The primary job is structural: build a context map of every entry point, every state variable, every value flow. An agent that never reads a function cannot find a bug in it.
- Domain knowledge as a reference, not a script — The checklist is a curated set of Solidity vulnerability patterns that agents consult when they encounter matching code.
- Validation as discipline — Every finding passes a 3-gate false-positive check + 6D adversarial scoring.
Track Record
$21K earned on Immunefi
Install
# Tell Claude Code:
Install skill https://github.com/DarkNavySecurity/web3-skills/
Usage
# Scan the full repo
/contract-auditor
# Deep: adds adversarial falsifier after merge
/contract-auditor deep
# Review specific file(s)
/contract-auditor src/Vault.sol