Smart Contract Audit Agent
Client: Internal (Open Source Initiative)
Role: Web3 Security Researcher
Year: 2025
Project Overview
This is an AI-powered, multi-agent system for automated smart contract security auditing. It fetches Solidity contracts directly from public GitHub repositories, analyzes them with industry-standard tools such as Slither and Mythril, and coordinates specialized CrewAI agents to produce a clear, prioritized Markdown report covering critical vulnerabilities, code quality issues, and gas optimizations.
Our Approach
We use a security-first, research-grounded workflow that blends static analysis with AI reasoning and structured reporting. The pipeline ingests target code from GitHub, maps each issue to its SWC (Smart Contract Weakness Classification) class, runs a dual-agent review (a senior security auditor and a code-quality/gas specialist), then generates an executive-level report with remediation priorities. The result is a fast, repeatable audit flow aligned with real-world smart-contract risks.
Key Features
GitHub Repository Ingestion
Point the tool at any public repo and it will fetch and prepare the contracts for analysis.
Multi-Tool Security Analysis
Surfaces reentrancy, access-control flaws, arithmetic issues, unchecked returns, and more by combining Slither/Mythril findings with agentic review.
AI-Driven Dual Review
A senior smart-contract security auditor agent focuses on vulnerabilities while a code-review specialist targets gas, style, and maintainability.
Structured Markdown Reports
Generates final_audit_report.md with an executive summary, critical/medium/low findings, code-quality recommendations, and an ordered remediation list.
SWC-Mapped Findings & Gas Insights
Calls out SWC categories like reentrancy (SWC-107), arithmetic errors (SWC-101), access control (SWC-132), and more, alongside practical gas and style suggestions.
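The two steps the approach and feature list describe but do not show are the normalisation of Slither and Mythril output into one SWC-tagged finding list and the rendering of that list into a prioritised Markdown report. The following is an added example written for this page, not the project's own code: the two JSON inputs are constructed to mirror the shape of Slither's and Mythril's JSON output, and the detector-to-SWC table is an assumption limited to mappings the author is sure of (Mythril already emits an swc-id per issue, so only Slither detector names need a table).

```python
"""Normalise Slither and Mythril JSON findings into one SWC-tagged list and
render a prioritised Markdown audit report.  Added illustration for this
page's pipeline description; not the project's own code.  The JSON samples
are constructed, and SLITHER_TO_SWC is an assumed mapping table."""
import json
from dataclasses import dataclass, replace
from typing import List, Optional

# Constructed sample of Slither's --json output (only the fields used here).
SLITHER_JSON = json.dumps({
    "success": True, "error": None,
    "results": {"detectors": [
        {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
         "description": "Reentrancy in Vault.withdraw(uint256)",
         "elements": [{"name": "withdraw", "source_mapping": {"filename_relative": "Vault.sol", "lines": [42]}}]},
        {"check": "unchecked-lowlevel", "impact": "Medium", "confidence": "Medium",
         "description": "Vault.ping() ignores return value of low-level call",
         "elements": [{"name": "ping", "source_mapping": {"filename_relative": "Vault.sol", "lines": [58]}}]},
        {"check": "naming-convention", "impact": "Informational", "confidence": "High",
         "description": "Parameter '_Amount' is not in mixedCase",
         "elements": [{"name": "_Amount", "source_mapping": {"filename_relative": "Vault.sol", "lines": [40]}}]},
    ]},
})

# Constructed sample of Mythril's -o json output; Mythril tags each issue with an SWC id.
MYTHRIL_JSON = json.dumps({
    "success": True, "error": None,
    "issues": [
        {"swc-id": "107", "severity": "High", "title": "State access after external call",
         "description": "...", "filename": "Vault.sol", "function": "withdraw(uint256)", "lineno": 42},
        {"swc-id": "101", "severity": "Medium", "title": "Integer Arithmetic Bugs",
         "description": "...", "filename": "Vault.sol", "function": "deposit()", "lineno": 30},
    ],
})

# Assumed mapping from Slither detector names to SWC ids; extend as needed.
SLITHER_TO_SWC = {
    "reentrancy-eth": "107", "reentrancy-no-eth": "107",
    "unchecked-lowlevel": "104", "unchecked-send": "104",
    "tx-origin": "115", "suicidal": "106", "arbitrary-send-eth": "105",
}
SEVERITY_RANK = {"High": 0, "Medium": 1, "Low": 2, "Informational": 3}


@dataclass(frozen=True)
class Finding:
    tool: str
    swc: Optional[str]   # "107" etc.; None when the detector has no SWC class (style/gas)
    severity: str
    title: str
    file: str
    line: int


def parse_slither(raw: str) -> List[Finding]:
    out = []
    for d in json.loads(raw)["results"]["detectors"]:
        loc = d["elements"][0]["source_mapping"] if d.get("elements") else {}
        out.append(Finding("slither", SLITHER_TO_SWC.get(d["check"]), d["impact"],
                           d["description"].splitlines()[0],
                           loc.get("filename_relative", "?"), (loc.get("lines") or [0])[0]))
    return out


def parse_mythril(raw: str) -> List[Finding]:
    return [Finding("mythril", i.get("swc-id"), i["severity"], i["title"], i["filename"], i["lineno"])
            for i in json.loads(raw)["issues"]]


def merge(findings: List[Finding]) -> List[Finding]:
    """Collapse findings both tools raised for the same SWC class at the same location,
    keep the higher severity, then order by severity and source position."""
    by_key = {}
    for f in findings:
        key = (f.swc, f.file, f.line) if f.swc else (None, f.tool, f.file, f.line, f.title)
        if key in by_key:
            prev = by_key[key]
            sev = min(prev.severity, f.severity, key=lambda s: SEVERITY_RANK.get(s, 9))
            by_key[key] = replace(prev, tool=prev.tool + "+" + f.tool, severity=sev)
        else:
            by_key[key] = f
    return sorted(by_key.values(), key=lambda f: (SEVERITY_RANK.get(f.severity, 9), f.file, f.line))


def render_report(findings: List[Finding]) -> str:
    """Markdown with an executive summary, per-severity sections and an ordered remediation list."""
    lines = ["# Smart Contract Audit Report", "", "## Executive Summary", ""]
    counts = {s: sum(f.severity == s for f in findings) for s in SEVERITY_RANK}
    lines.append(", ".join(f"{n} {s.lower()}" for s, n in counts.items() if n) + " findings.")
    for sev in SEVERITY_RANK:
        group = [f for f in findings if f.severity == sev]
        if not group:
            continue
        lines += ["", f"## {sev} Findings", ""]
        for f in group:
            tag = f"SWC-{f.swc}" if f.swc else "code quality"
            lines.append(f"- [{tag}] {f.title} ({f.file}:{f.line}, via {f.tool})")
    lines += ["", "## Remediation Order", ""]
    for n, f in enumerate((f for f in findings if f.swc), 1):
        lines.append(f"{n}. SWC-{f.swc} at {f.file}:{f.line}")
    return "\n".join(lines) + "\n"


def audit(slither_raw: str = SLITHER_JSON, mythril_raw: str = MYTHRIL_JSON) -> List[Finding]:
    return merge(parse_slither(slither_raw) + parse_mythril(mythril_raw))


if __name__ == "__main__":
    print(render_report(audit()))
```

The merge step is the part worth keeping even if the rest is replaced by agent reasoning: a finding corroborated by both tools at the same line (the reentrancy at Vault.sol:42 above) is reported once with `via slither+mythril`, which is a useful triage signal, while findings with no SWC class fall through to the code-quality section rather than the remediation list.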