Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Adding a new detector
Slither's plugin architecture lets you integrate new detectors that run from the command line.
The skeleton for a detector is:
from slither.detectors.abstract_detector import AbstractDetector, DetectorClassification class Skeleton(AbstractDetector): """ Documentation """ ARGUMENT = 'mydetector' # slither will launch the detector with slither.py --mydetector HELP = 'Help printed by slither' IMPACT = DetectorClassification.HIGH CONFIDENCE = DetectorClassification.HIGH def detect(self): return 
ARGUMENTlets you run the detector from the command line
HELPis the information printed from the command line
IMPACTindicates the impact of the issue. Allowed values are:
DetectorClassification.INFORMATIONAL: printed in green
DetectorClassification.LOW: printed in green
DetectorClassification.MEDIUM: printed in yellow
DetectorClassification.HIGH: printed in red
CONFIDENCEindicates your confidence in the analysis. Allowed values are:
detect() needs to return a list of findings. To facilitate the automation of Slither, a finding is a dictionary containing a
vuln key associated with the vulnerability name and additional information according to the vulnerability itself.
AbstractDetector object has the
slither attribute, which returns the current
Slither object, and the
log(str) function to print the result.
You can integrate your detector into Slither by:
- Adding it in slither/detectors and in main.py#L92-L108
- or, by creating a plugin package (see the skeleton example).
Test the detector
backdoor.py will detect any function with
backdoor in its name.