scv-scan

SKILL.md

Smart Contract Vulnerability Auditor

Systematically audit a Solidity codebase for vulnerabilities using a four-phase approach that balances thoroughness with efficiency.

When to Use

  • Auditing a Solidity codebase for security vulnerabilities before deployment
  • Reviewing smart contract code for common exploit patterns (reentrancy, overflow, access control, etc.)
  • Performing a structured vulnerability scan across an entire Solidity project
  • Validating that a contract follows security best practices after modifications

When NOT to Use

  • Auditing non-Solidity smart contracts (Vyper, Rust/Anchor, Move) — patterns are Solidity-specific
  • Reviewing off-chain code (JavaScript, TypeScript backends) — use general security review instead
  • When the user only wants gas optimization or code style feedback — this focuses on exploitable vulnerabilities
  • For formal verification of invariants — use tools like Certora, Halmos, or Echidna instead

Rationalizations to Reject

Installs: 43
GitHub Stars: 396
First Seen: Feb 16, 2026