AI-powered smart contract security auditor with parallel hunt lanes, Devil's Advocate verification, static analysis (Slither, Aderyn), fuzz testing (Echidna, Medusa), symbolic execution (Halmos), Solodit intelligence, and interactive Map-Hunt-Attack methodology
npx claudepluginhub archethect/sc-auditorAI-powered smart contract security auditor with parallel hunt lanes, Devil's Advocate verification, static analysis (Slither, Aderyn), fuzz testing (Echidna, Medusa), symbolic execution (Halmos), Solodit intelligence, and interactive Map-Hunt-Attack methodology
Claude Code marketplace entries for the plugin-safe Antigravity Awesome Skills library and its compatible editorial bundles.
Production-ready workflow orchestration with 79 focused plugins, 184 specialized agents, and 150 skills - optimized for granular installation and minimal token usage
Directory of popular Claude Code extensions including development tools, productivity plugins, and MCP integrations
Share bugs, ideas, or general feedback.
Your AI-powered smart contract security co-pilot for Claude Code and Codex CLI.
Version: 2.0.0 | Author: Archethect
sc-auditor turns your AI coding assistant into a security auditor. Point it at a Solidity codebase and it will map the architecture, dispatch six parallel agents to hunt for bugs across different vulnerability classes, then verify every finding through a Devil's Advocate pipeline that demands proof before confirmation.
Under the hood: static analysis (Slither, Aderyn), real-world vulnerability intelligence (Solodit), fuzz testing (Echidna, Medusa), symbolic execution (Halmos), and a rigorous Map-Hunt-Attack methodology — all orchestrated through prompt-driven multi-agent pipelines.
/security-auditor) — a structured multi-phase pipeline with parallel agent lanes for systematic vulnerability discovery.v2.0.0 is a ground-up rearchitecture. The hardcoded audit pipeline has been replaced with a prompt-driven multi-agent orchestration model — every phase is now executed by specialized sub-agents dispatched in parallel, with structured checkpoints for crash recovery and context-window resilience.
Parallel Hunt Lanes — Six specialized agents hunt simultaneously, each targeting a distinct vulnerability class: callback liveness, accounting/entitlement, semantic consistency, token/oracle statefulness, economic differentials, and an auto-triggered adversarial deep lane for cross-contract attack paths. Inspired by @pashov's structured agent lane methodology and adversarial verification approach.
Devil's Advocate Verification Pipeline — Every finding goes through a formal 6-dimension DA evaluation during ATTACK, then an independent skeptic (VERIFY) tries to break it with inversion mandate. Conflicts are resolved by a proof-based judge: "prove it or lose it."
Proof-or-Demote — ATTACK agents must attempt at least one proof method (Foundry PoC, Echidna, Medusa, Halmos) for confirmed vulnerabilities. In benchmark mode, unproven HIGH/MEDIUM findings are automatically demoted.
Checkpoint Discipline — Agents self-checkpoint after every phase. The orchestrator can resume from any phase after crashes, context compaction, or session interruptions.
Expanded Tool Suite — Eight MCP tools: Slither, Aderyn, Solodit search, Cyfrin checklist, Foundry PoC generation, Echidna fuzzing, Medusa fuzzing, and Halmos symbolic execution.
/security-auditor src/
|
SETUP -----> MAP -----> HUNT -----> ATTACK -----> VERIFY -----> REPORT
(1 agent) (1 agent) (5-6 agents) (N agents) (N agents)
parallel parallel parallel
|
+--------------------+--------------------+
| | | | |
Callback Accounting Semantic Token/ Economic
Liveness Entitlement Consist. Oracle Differ.
| | | | |
+----+-----+---------+----+----+----------+
| |
Adversarial Deep (auto-trigger)
(cross-contract)
Each HUNT lane produces prioritized hotspots. You pick which ones to deep-dive. ATTACK agents trace call paths, run the Devil's Advocate protocol, construct exploit sketches, and generate proofs. VERIFY agents independently challenge every finding with an inversion mandate. A judge resolves conflicts.
search_findings tool: