Solana Security Standard
The Solana Security Standard — SOL-0XX rules distilled from $514M of real exploits, firing as you code in every AI tool (Claude Code, Codex, Cursor, Windsurf…), your editor, and CI. By the auditors who find them.

The same SOL-0XX rules flag Solana-specific bugs while you code — caller-controlled clock values, cross-market state asymmetry, wrapper handlers that drift from engine logic, missing Anchor constraints, and 37 bug classes in all, drawn from real audits.
Works in: Claude Code · Codex · Copilot · Cursor · Windsurf · Cline · Aider · any MCP client · the VS Code extension (Open VSX) · the CLI · Semgrep · GitHub Actions. Pick your surface below.
Use it in Claude Code (30 seconds)
mkdir -p .claude && \
curl -sL https://raw.githubusercontent.com/Copenhagen0x/solana-security-standard/main/plugin-guidance.md \
-o .claude/claude-security-guidance.md && \
curl -sL https://raw.githubusercontent.com/Copenhagen0x/solana-security-standard/main/security-patterns.yaml \
-o .claude/security-patterns.yaml
plugin-guidance.md is the compact ≤8 KB plugin digest (every rule as a one-line cue, generated from the full claude-security-guidance.md); it lands as the plugin's .claude/claude-security-guidance.md. Full per-rule detail is one MCP call (list_solana_security_rules) or one click (the master on GitHub) away.
Then make sure you have Anthropic's security-guidance plugin installed:
/plugin install security-guidance@claude-plugins-official
/reload-plugins
Done. Open a Solana program file in Claude Code and the plugin will catch issues as you write.
(This pulls from main with no integrity check. For supply-chain-sensitive use, see Verified install below.)
Or install the whole standard as a Claude Code plugin (the MCP scan tool + a /scan command, auto-wired):
/plugin marketplace add Copenhagen0x/solana-security-standard
/plugin install solana-security-standard@solana-security-standard
Verified install (pin + checksum)
For CI or supply-chain-sensitive setups, pin to a release tag and verify the download against the published CHECKSUMS.txt instead of pulling main:
Note: the plugin-guidance.md digest ships from v1.11.0 onward. Until that release is tagged, use the Quick install above (which pulls the digest from main); the pinned-tag flow below works once v1.11.0 exists.
TAG=v1.11.0 # the digest ships from v1.11.0 on; older tags use claude-security-guidance.md directly
BASE="https://raw.githubusercontent.com/Copenhagen0x/solana-security-standard/$TAG"
tmp=$(mktemp -d) && cd "$tmp" && mkdir -p semgrep
curl -fsSL "$BASE/CHECKSUMS.txt" -o CHECKSUMS.txt
curl -fsSL "$BASE/plugin-guidance.md" -o plugin-guidance.md
curl -fsSL "$BASE/security-patterns.yaml" -o security-patterns.yaml
curl -fsSL "$BASE/semgrep/solana-security-standard.yaml" -o semgrep/solana-security-standard.yaml
sha256sum -c CHECKSUMS.txt || exit 1 # Linux — all three must print "OK"; stop here on any mismatch so nothing unverified gets copied below
# macOS (no sha256sum): shasum -a 256 -c CHECKSUMS.txt || exit 1
mkdir -p "$OLDPWD/.claude"
cp security-patterns.yaml "$OLDPWD/.claude/"
cp plugin-guidance.md "$OLDPWD/.claude/claude-security-guidance.md" # rename to the plugin's expected filename
# the verified semgrep ruleset stays in $tmp/semgrep/ — point `semgrep --config` at it or copy where you need it
Pinning to a tag freezes you to a known release (a tampered main can't reach you); the checksum confirms nothing was altered in transit. (Hashes are over the LF bytes GitHub serves — verify the downloaded files, not a CRLF local checkout.) Tags from v1.9.1 on are SSH-signed — verify origin with git verify-tag v1.11.0 (key + steps in SECURITY.md). (Checksums and the in-repo allowed-signers can't defend against a full account compromise that rewrites both — the signed tag, verified out of band, is the origin check for that.)
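The checksum step above, as an added example that is not part of the solana-security-standard repo: a portable verifier for the "<sha256>  <path>" lines in CHECKSUMS.txt (sha256sum on Linux, shasum on macOS), plus a constructed demo showing why a CRLF copy of a file fails the check even though the text looks identical. The file contents and hashes in the demo are made up for illustration.

```shell
# Print the SHA-256 of one file with sha256sum (Linux) or shasum -a 256 (macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_checksums <dir> <checksums-file>
# Returns 0 only if every listed file exists under <dir> and matches its hash.
verify_checksums() {
  dir=$1; sums=$2; status=0
  while read -r expected path; do
    [ -n "$expected" ] || continue           # skip blank lines
    path=${path#\*}                          # tolerate "*name" binary-mode entries
    if [ ! -f "$dir/$path" ]; then
      echo "$path: MISSING"; status=1; continue
    fi
    actual=$(sha256_of "$dir/$path")
    if [ "$actual" = "$expected" ]; then
      echo "$path: OK"
    else
      echo "$path: FAILED"; status=1
    fi
  done < "$sums"
  return $status
}

# Constructed demo: hash an LF file (the bytes GitHub serves), then rewrite the
# same text with CRLF endings (a Windows checkout) and show the check now fails.
demo_crlf_mismatch() {
  d=$(mktemp -d)
  printf 'rules: SOL-001\n' > "$d/plugin-guidance.md"
  printf '%s  plugin-guidance.md\n' "$(sha256_of "$d/plugin-guidance.md")" > "$d/CHECKSUMS.txt"
  verify_checksums "$d" "$d/CHECKSUMS.txt" || return 1               # LF copy must pass
  printf 'rules: SOL-001\r\n' > "$d/plugin-guidance.md"
  if verify_checksums "$d" "$d/CHECKSUMS.txt"; then return 1; fi     # CRLF copy must fail
  rm -rf "$d"
  return 0
}
```

Run `demo_crlf_mismatch` to see one OK line followed by one FAILED line; in a real install, run verify_checksums on the download directory before copying anything into .claude/.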
Run it in CI — GitHub Action
Gate every pull request on the standard. The same SOL-0XX patterns run as a check, with inline annotations on the diff: