aleskrin (Member) commented Sep 19, 2025

Description:

  • Created Static agent folder
  • Created slither agent folder
  • Added slither_to_json_with_diagnostics Python file for smart contract vulnerability detection

Summary by CodeRabbit

  • New Features
    • Introduces an enhanced Slither analysis tool that outputs JSON diagnostics to stdout.
    • Optional syntax pre-validation and auto-fix when available.
    • Supports detector selection (defaults to all), with captured errors and timing data.
    • Automatic fallback to CLI or Docker-based analysis if the Python API returns no findings.
    • Configurable runtime options: contract target, compiler path, detector set, Docker image, and auto-fix toggle.
    • Includes ISO-8601 timestamping for reports.

coderabbitai bot commented Sep 19, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

Adds a new script to run Slither with optional pre-validation and auto-fix, execute detectors, capture exceptions and timings, and fall back to CLI/Docker if the Python API yields no findings. Outputs a JSON report to stdout. Introduces runtime-configurable variables and a helper function for UTC ISO-8601 timestamps.

Changes

| Cohort / File(s) | Summary of Changes |
|---|---|
| Slither JSON diagnostics script: Static_agent/Slither_agent/slither_to_json_with_diagnostics.py | New script implementing Slither analysis with optional pre-validation and auto-fix, detectors execution, exception and timing capture, CLI and Docker fallbacks, and JSON output. Adds config variables (CONTRACT, SOLC_PATH, DETECTORS_CLI, DOCKER_IMAGE, AUTO_FIX_SYNTAX, PRE_VALIDATION_AVAILABLE) and helper now_iso(). |

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor U as User
    participant S as slither_to_json_with_diagnostics.py
    participant V as Pre-Validator (optional)
    participant P as Slither Python API
    participant C as Slither CLI
    participant D as Slither Docker
    participant O as Stdout (JSON)

    U->>S: Invoke script with args (contract, solc path, detectors)
    rect rgba(200,220,255,0.25)
    note right of S: Optional pre-validation
    alt PRE_VALIDATION_AVAILABLE and AUTO_FIX_SYNTAX
        S->>V: Validate/fix contract syntax
        V-->>S: Validation result (ok/errors)
    else No pre-validation
        S-->>S: Skip validation
    end
    end

    rect rgba(220,255,220,0.25)
    note over S,P: Primary analysis
    S->>P: Run detectors via Python API
    alt Findings or diagnostics
        P-->>S: Results + timings + exceptions
    else No findings
        P-->>S: Empty/none
        note right of S: Fallback path
        S->>C: Run slither CLI with detectors
        alt CLI yields results
            C-->>S: CLI findings
        else No CLI results or error
            C--x S: Error/empty
            S->>D: Run Docker-based slither
            D-->>S: Docker findings or error
        end
    end
    end

    rect rgba(255,240,200,0.35)
    note over S: Aggregate data, add timestamps (now_iso), durations, errors
    S-->>O: Emit JSON report to stdout
    end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I twitch my ears at logs and time,
Hop through detectors, neat and prime.
If Python’s hush, I CLI hop—
And Docker burrows don’t let me stop.
With JSON carrots, crisp and bright,
I nibble bugs by moonlit byte.
🥕✨

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 328c136 and dc27d6f.

📒 Files selected for processing (1)
  • Static_agent/Slither_agent/slither_to_json_with_diagnostics.py (1 hunks)
