Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

a5c-ai/slither-analysis

Name: slither-analysis
Author: a5c-ai

library/specializations/cryptography-blockchain/skills/slither-analysis/SKILL.md

npx skillsauth add a5c-ai/babysitter slither-analysis

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Slither Static Analysis Skill

Expert-level integration with Slither, the leading static analysis framework for Solidity smart contracts.

Capabilities

Full Detector Suite: Execute Slither with all built-in detectors
Custom Configurations: Configure analysis parameters and exclusions
Severity Classification: Interpret and classify finding severity
False Positive Filtering: Context-aware false positive identification
Visual Analysis: Generate call graphs and inheritance diagrams
Custom Detectors: Run and develop custom Slither detectors
Reporting: Produce comprehensive security reports

Installation

# Install via pip
pip install slither-analyzer

# Or via pipx for isolation
pipx install slither-analyzer

# Verify installation
slither --version

Basic Usage

Run Analysis

# Analyze single file
slither Contract.sol

# Analyze Foundry project
slither . --foundry-compile-all

# Analyze Hardhat project
slither . --hardhat-compile-all

Output Formats

# Human readable (default)
slither .

# JSON output for processing
slither . --json output.json

# Markdown report
slither . --checklist

# SARIF for CI integration
slither . --sarif output.sarif

Detector Categories

High Severity Detectors

| Detector | Description | |----------|-------------| | reentrancy-eth | Reentrancy with ETH transfer | | reentrancy-no-eth | Reentrancy without ETH | | arbitrary-send-eth | Arbitrary ETH send | | controlled-delegatecall | Controlled delegatecall | | suicidal | Functions allowing anyone to destruct | | uninitialized-storage | Uninitialized storage variables |

Medium Severity Detectors

| Detector | Description | |----------|-------------| | reentrancy-benign | Benign reentrancy | | incorrect-equality | Dangerous strict equality | | locked-ether | Contracts that lock ether | | missing-zero-check | Missing zero address validation | | unchecked-transfer | Unchecked token transfers |

Low Severity Detectors

| Detector | Description | |----------|-------------| | naming-convention | Naming convention violations | | external-function | Functions that could be external | | constable-states | State variables that could be constant | | immutable-states | State variables that could be immutable |

Configuration

slither.config.json

{
  "detectors_to_run": "all",
  "exclude_informational": false,
  "exclude_low": false,
  "exclude_medium": false,
  "exclude_high": false,
  "exclude_optimization": false,
  "fail_on": "high,medium",
  "filter_paths": [
    "node_modules",
    "lib",
    "test"
  ],
  "exclude_dependencies": true,
  "legacy_ast": false
}

CLI Configuration

# Run specific detectors
slither . --detect reentrancy-eth,uninitialized-storage

# Exclude detectors
slither . --exclude naming-convention,external-function

# Filter by severity
slither . --exclude-informational --exclude-low

# Exclude specific paths
slither . --filter-paths "test|lib|node_modules"

Advanced Features

Call Graph Generation

# Generate call graph
slither . --print call-graph

# Generate inheritance graph
slither . --print inheritance-graph

# Generate contract summary
slither . --print contract-summary

Function Analysis

# Print function summaries
slither . --print function-summary

# Print variable order (storage layout)
slither . --print variable-order

# Print data dependency
slither . --print data-dependency

Custom Detectors

# custom_detector.py
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification

class MyCustomDetector(AbstractDetector):
    ARGUMENT = "my-detector"
    HELP = "Detect my custom issue"
    IMPACT = DetectorClassification.HIGH
    CONFIDENCE = DetectorClassification.HIGH

    WIKI = "https://example.com/my-detector"
    WIKI_TITLE = "My Custom Detector"
    WIKI_DESCRIPTION = "Detects..."
    WIKI_EXPLOIT_SCENARIO = "..."
    WIKI_RECOMMENDATION = "..."

    def _detect(self):
        results = []
        for contract in self.compilation_unit.contracts_derived:
            for function in contract.functions:
                # Detection logic
                if self._has_issue(function):
                    info = [function, " has an issue\n"]
                    results.append(self.generate_result(info))
        return results

CI/CD Integration

GitHub Actions

name: Slither Analysis
on: [push, pull_request]

jobs:
  slither:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Install Foundry
        uses: foundry-rs/foundry-toolchain@v1

      - name: Install Slither
        run: pip install slither-analyzer

      - name: Run Slither
        run: slither . --foundry-compile-all --fail-on high --sarif results.sarif

      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif

Interpreting Results

Result Structure

{
  "success": true,
  "error": null,
  "results": {
    "detectors": [
      {
        "check": "reentrancy-eth",
        "impact": "High",
        "confidence": "Medium",
        "description": "Reentrancy in Contract.withdraw()...",
        "elements": [...],
        "first_markdown_element": "...",
        "id": "abc123"
      }
    ]
  }
}

Triage Workflow

High/Medium Impact - Investigate immediately
Check Confidence Level - High confidence = likely real issue
Review Code Context - Understand the actual flow
Verify with Tests - Write tests to confirm behavior
Document Decisions - Mark false positives with rationale

Process Integration

| Process | Purpose | |---------|---------| | smart-contract-security-audit.js | Primary security analysis | | smart-contract-development-lifecycle.js | Development validation | | formal-verification.js | Pre-verification checks |

Tools Reference

| Tool | Purpose | |------|---------| | Slither | Core static analyzer | | crytic-compile | Compilation framework | | slither-doctor | Configuration debugger |

Best Practices

Run Slither on every commit in CI
Configure appropriate exclusions to reduce noise
Review all high/medium findings manually
Write custom detectors for project-specific patterns
Use --triage-database to track false positives

a5c-ai/slither-analysis

library/specializations/cryptography-blockchain/skills/slither-analysis/SKILL.md

Expert integration with Slither static analyzer for smart contract vulnerability detection, code quality analysis, and security reporting. Supports all Slither detectors and custom analysis configurations.

680 stars

development

Updated Apr 28, 2026

$ install --global

skillsauth

npx skillsauth add a5c-ai/babysitter slither-analysis

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 28, 2026, 4:46 PM199.2s2 files scanned

SKILL.md

name:: slither-analysis
description:: Expert integration with Slither static analyzer for smart contract vulnerability detection, code quality analysis, and security reporting. Supports all Slither detectors and custom analysis configurations.
allowed-tools:: Read, Grep, Write, Bash, Edit, Glob, WebFetch

Slither Static Analysis Skill

Expert-level integration with Slither, the leading static analysis framework for Solidity smart contracts.

Capabilities

Full Detector Suite: Execute Slither with all built-in detectors
Custom Configurations: Configure analysis parameters and exclusions
Severity Classification: Interpret and classify finding severity
False Positive Filtering: Context-aware false positive identification
Visual Analysis: Generate call graphs and inheritance diagrams
Custom Detectors: Run and develop custom Slither detectors
Reporting: Produce comprehensive security reports

Installation

# Install via pip
pip install slither-analyzer

# Or via pipx for isolation
pipx install slither-analyzer

# Verify installation
slither --version

Basic Usage

Run Analysis

# Analyze single file
slither Contract.sol

# Analyze Foundry project
slither . --foundry-compile-all

# Analyze Hardhat project
slither . --hardhat-compile-all

Output Formats

# Human readable (default)
slither .

# JSON output for processing
slither . --json output.json

# Markdown report
slither . --checklist

# SARIF for CI integration
slither . --sarif output.sarif

Detector Categories

High Severity Detectors

Medium Severity Detectors

Low Severity Detectors

Configuration

slither.config.json

{
  "detectors_to_run": "all",
  "exclude_informational": false,
  "exclude_low": false,
  "exclude_medium": false,
  "exclude_high": false,
  "exclude_optimization": false,
  "fail_on": "high,medium",
  "filter_paths": [
    "node_modules",
    "lib",
    "test"
  ],
  "exclude_dependencies": true,
  "legacy_ast": false
}

CLI Configuration

# Run specific detectors
slither . --detect reentrancy-eth,uninitialized-storage

# Exclude detectors
slither . --exclude naming-convention,external-function

# Filter by severity
slither . --exclude-informational --exclude-low

# Exclude specific paths
slither . --filter-paths "test|lib|node_modules"

Advanced Features

Call Graph Generation

# Generate call graph
slither . --print call-graph

# Generate inheritance graph
slither . --print inheritance-graph

# Generate contract summary
slither . --print contract-summary

Function Analysis

# Print function summaries
slither . --print function-summary

# Print variable order (storage layout)
slither . --print variable-order

# Print data dependency
slither . --print data-dependency

Custom Detectors

# custom_detector.py
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification

class MyCustomDetector(AbstractDetector):
    ARGUMENT = "my-detector"
    HELP = "Detect my custom issue"
    IMPACT = DetectorClassification.HIGH
    CONFIDENCE = DetectorClassification.HIGH

    WIKI = "https://example.com/my-detector"
    WIKI_TITLE = "My Custom Detector"
    WIKI_DESCRIPTION = "Detects..."
    WIKI_EXPLOIT_SCENARIO = "..."
    WIKI_RECOMMENDATION = "..."

    def _detect(self):
        results = []
        for contract in self.compilation_unit.contracts_derived:
            for function in contract.functions:
                # Detection logic
                if self._has_issue(function):
                    info = [function, " has an issue\n"]
                    results.append(self.generate_result(info))
        return results

CI/CD Integration

GitHub Actions

name: Slither Analysis
on: [push, pull_request]

jobs:
  slither:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Install Foundry
        uses: foundry-rs/foundry-toolchain@v1

      - name: Install Slither
        run: pip install slither-analyzer

      - name: Run Slither
        run: slither . --foundry-compile-all --fail-on high --sarif results.sarif

      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif

Interpreting Results

Result Structure

{
  "success": true,
  "error": null,
  "results": {
    "detectors": [
      {
        "check": "reentrancy-eth",
        "impact": "High",
        "confidence": "Medium",
        "description": "Reentrancy in Contract.withdraw()...",
        "elements": [...],
        "first_markdown_element": "...",
        "id": "abc123"
      }
    ]
  }
}

Triage Workflow

High/Medium Impact - Investigate immediately
Check Confidence Level - High confidence = likely real issue
Review Code Context - Understand the actual flow
Verify with Tests - Write tests to confirm behavior
Document Decisions - Mark false positives with rationale

Process Integration

Tools Reference

| Tool | Purpose | |------|---------| | Slither | Core static analyzer | | crytic-compile | Compilation framework | | slither-doctor | Configuration debugger |

Best Practices

Run Slither on every commit in CI
Configure appropriate exclusions to reduce noise
Review all high/medium findings manually
Write custom detectors for project-specific patterns
Use --triage-database to track false positives

Related Skills

a5c-ai/model-card-generator

development

VerifiedTrustedCommunity

Model documentation skill for generating model cards following Google's model card framework.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/model-card-generator

a5c-ai/mlflow-experiment-tracker

development

VerifiedTrustedCommunity

MLflow integration skill for experiment tracking, model registry, and artifact management. Enables LLMs to log experiments, compare runs, manage model lifecycle, and retrieve artifacts through the MLflow API.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/mlflow-experiment-tracker

a5c-ai/lime-explainer

data-ai

VerifiedTrustedCommunity

LIME-based local explanation skill for individual predictions across tabular, text, and image data.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/lime-explainer

a5c-ai/kubeflow-pipeline-executor

devops

VerifiedTrustedCommunity

Kubeflow Pipelines skill for ML workflow orchestration, component management, and Kubernetes-native ML.

680SKILL.mdUpdated Apr 28, 2026

a5c-ai/kubeflow-pipeline-executor

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/a5c-ai/babysitter.git

# Copy into Claude Code skills folder (global)
cp -r babysitter/library/specializations/cryptography-blockchain/skills/slither-analysis ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

a5c-ai/babysitter

680 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT

Adoption

a5c-ai/slither-analysis

$ install --global

Security Scan Results

SKILL.md

Slither Static Analysis Skill

Capabilities

Installation

Basic Usage

Run Analysis

Output Formats

Detector Categories

High Severity Detectors

Medium Severity Detectors

Low Severity Detectors

Configuration

slither.config.json

CLI Configuration

Advanced Features

Call Graph Generation

Function Analysis

Custom Detectors

CI/CD Integration

GitHub Actions

Interpreting Results

Result Structure

Triage Workflow

Process Integration

Tools Reference

Best Practices

See Also

Related Skills

a5c-ai/model-card-generator

a5c-ai/mlflow-experiment-tracker

a5c-ai/lime-explainer

a5c-ai/kubeflow-pipeline-executor

a5c-ai/slither-analysis

$ install --global

Security Scan Results

SKILL.md

Slither Static Analysis Skill

Capabilities

Installation

Basic Usage

Run Analysis

Output Formats

Detector Categories

High Severity Detectors

Medium Severity Detectors

Low Severity Detectors

Configuration

slither.config.json

CLI Configuration

Advanced Features

Call Graph Generation

Function Analysis

Custom Detectors

CI/CD Integration

GitHub Actions

Interpreting Results

Result Structure

Triage Workflow

Process Integration

Tools Reference

Best Practices

See Also

Related Skills

a5c-ai/model-card-generator

a5c-ai/mlflow-experiment-tracker

a5c-ai/lime-explainer

a5c-ai/kubeflow-pipeline-executor