Official Verified developer tools Safety 4/5

slither-audit

Run slither static analysis on Solidity contracts. Fast, lightweight security scanner for EVM smart contracts.

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/aviclaw/slither-audit
What This Skill Does

The slither-audit skill integrates the industry-standard Slither static analysis framework directly into your OpenClaw environment. It allows you to perform automated, deep-level security analysis on local Solidity smart contracts. By scanning your source code, the skill identifies potential vulnerabilities, coding errors, and gas optimization opportunities. It acts as a primary gatekeeper in your development lifecycle, surfacing high-risk issues like reentrancy, improper access control, and integer overflows before you ever consider deploying to a mainnet or testnet. The tool is designed for speed and precision, acting as a lightweight yet robust deterministic scanner rather than an AI-generative model.

Installation

To integrate this security utility into your local environment, use the OpenClaw management CLI. Ensure you have the slither-analyzer Python package installed in your environment, as it serves as the underlying engine. Run the following command:

clawhub install openclaw/skills/skills/aviclaw/slither-audit

Ensure that you have solc (the Solidity compiler) installed and configured on your machine, as Slither requires it to parse your contracts correctly.

Use Cases

This skill is ideal for:

  • Pre-deployment security checks for local smart contract development.
  • Auditing existing projects for compliance with security best practices.
  • Identifying low-hanging fruit in legacy codebases before manual expert review.
  • Automating security regression testing within a CI/CD pipeline integrated with OpenClaw.

Example Prompts

  1. "Run a security audit on the ./src folder and output a summary of any high-severity reentrancy issues."
  2. "Analyze the contract TokenVault.sol and generate a markdown report detailing all detected vulnerabilities."
  3. "Can you perform a quick Slither scan on my current project directory and highlight any access control flaws?"

Tips & Limitations

  • Local Files Only: This tool cannot interact with Etherscan or other block explorers to fetch verified contract code directly. Please ensure your files are saved locally.
  • No AI Analysis: Slither is a static analysis framework. It does not 'reason' about business logic; it searches for known vulnerability patterns. If you need semantic logic analysis, pair this with evmbench.
  • Prerequisites: Your code must compile successfully; the tool cannot audit broken or syntactically incorrect Solidity code.
  • Versioning: Always verify your solc version matches your contract's pragma requirements to avoid analysis failures.
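
An added example (not part of the slither-audit skill or of this page): a CI gate over the JSON report that Slither writes with `slither . --json report.json`. It covers the CI/CD use case and the compile prerequisite above. The function name `gate`, the exit-code convention and the sample reports are assumptions constructed for illustration.

```python
import json
import sys

# Impact levels as they appear in Slither's JSON report, most severe first.
IMPACT_ORDER = ["High", "Medium", "Low", "Informational", "Optimization"]

def gate(report_text, fail_on="Medium", checks=None):
    """Return (exit_code, messages): 0 clean, 1 blocking findings, 2 scan did not run."""
    try:
        report = json.loads(report_text)
    except json.JSONDecodeError as exc:
        return 2, [f"unreadable report: {exc}"]
    # A project that fails to compile gives success=false and no findings.
    # Report that as an error so it is never mistaken for a clean scan.
    if not isinstance(report, dict) or not report.get("success"):
        error = report.get("error") if isinstance(report, dict) else "not a JSON object"
        return 2, [f"slither did not complete: {error}"]
    threshold = IMPACT_ORDER.index(fail_on)
    messages = []
    for finding in (report.get("results") or {}).get("detectors", []):
        impact = finding.get("impact")
        # Fail closed: an impact label we do not recognise counts as most severe.
        rank = IMPACT_ORDER.index(impact) if impact in IMPACT_ORDER else 0
        if rank > threshold:
            continue
        if checks and finding.get("check") not in checks:
            continue
        summary = (finding.get("description") or "").strip().split("\n")[0]
        messages.append(f"[{impact}/{finding.get('confidence')}] {finding.get('check')}: {summary}")
    return (1 if messages else 0), messages

# Constructed sample reports (not real scan output).
SAMPLE_FINDINGS = json.dumps({"success": True, "error": None, "results": {"detectors": [
    {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
     "description": "Reentrancy in TokenVault.withdraw(uint256) (src/TokenVault.sol#21-27):\n\tExternal calls: ..."},
    {"check": "naming-convention", "impact": "Informational", "confidence": "High",
     "description": "Parameter TokenVault.deposit(uint256)._amt is not in mixedCase"},
]}})
SAMPLE_BROKEN = json.dumps({"success": False, "error": "constructed compiler error", "results": {}})

if __name__ == "__main__":
    # Usage: slither . --json report.json ; python gate.py report.json
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_FINDINGS
    code, lines = gate(text)
    print("\n".join(lines))
    sys.exit(code)
```

Exit code 2 keeps a failed compilation or a missing report from passing the pipeline as if no issues had been found.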

Metadata

Author: @aviclaw
Stars: 4473
Views: 2
Updated: 2026-05-01

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-aviclaw-slither-audit": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags (AI)

#solidity #security #blockchain #audit #web3
Safety Score: 4/5

Flags: file-read, code-execution