Slither
MCP server for Slither static analysis of Solidity smart contracts
What is Slither?
Slither is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for slither static analysis of solidity smart contracts
MCP server for Slither static analysis of Solidity smart contracts
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- MCP server for Slither static analysis of Solidity smart con
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx slitherConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Slither
Slither MCP Server wraps Trail of Bits' industry-standard Slither static analysis framework behind 12 structured MCP tools, giving AI assistants direct access to Solidity smart contract security analysis without leaving the conversation. It parses contract source code, maps inheritance hierarchies, traces function call graphs, lists all available security detectors, and executes them with filtering by severity and confidence level. Security researchers and Web3 developers use it to have Claude autonomously audit smart contracts, identify reentrancy and overflow vulnerabilities, review function visibility, and navigate complex multi-contract codebases.
Prerequisites
- Python 3.11 or higher installed
- uv package manager installed for running the server
- Slither and its dependencies installed (pip install slither-analyzer)
- A Solidity project with a supported build tool: Foundry, Hardhat, or equivalent
- An MCP-compatible client such as Claude Desktop or Claude Code
Install Slither
Install the Slither static analysis tool, which the MCP server depends on.
pip install slither-analyzerInstall the Slither MCP server for Claude Code
Use the Claude MCP add command to install the server directly from the GitHub repository using uvx.
claude mcp add --transport stdio --scope user slither -- uvx --from git+https://github.com/trailofbits/slither-mcp slither-mcpOr add manually to Cursor
For Cursor, add the server configuration to your ~/.cursor/mcp.json file.
Point the tools at your Solidity project directory
All 12 Slither MCP tools require a `path` parameter pointing to your Solidity project root. Ensure your project builds successfully before running analysis.
Run a detector scan via Claude
Ask Claude to run the Slither detectors on your project. Results are cached in artifacts/project_facts.json for faster subsequent queries.
Slither Examples
Client configuration
Cursor MCP configuration for the Slither server, using uvx to pull from GitHub.
{
"mcpServers": {
"slither": {
"command": "uvx",
"args": [
"--from",
"git+https://github.com/trailofbits/slither-mcp",
"slither-mcp"
]
}
}
}Prompts to try
Example prompts for auditing Solidity contracts with Slither via Claude.
- "List all contracts in my Solidity project at /path/to/project"
- "Run all Slither detectors on /path/to/project and show me high-severity findings"
- "Show me the full source code of the ERC20 contract in this project"
- "Map all callers of the withdraw function in the Vault contract"
- "List available Slither detectors filtered by reentrancy"
- "Show the inheritance hierarchy of the StakingPool contract"Troubleshooting Slither
Slither fails to compile the project before analysis
Slither needs the project to compile successfully. Run `forge build` or `npx hardhat compile` in your project directory first and fix any compilation errors before running MCP tools.
uvx not found when adding the server
Install uv first with `pip install uv` or `curl -LsSf https://astral.sh/uv/install.sh | sh`. On some systems, uvx needs to be symlinked: `ln -s $(which uvx) /usr/local/bin/uvx`.
Analysis is slow on first run
Slither compiles and analyzes all contracts on first run, which can take a minute for large projects. Subsequent calls use the cache in artifacts/project_facts.json and are much faster.
Frequently Asked Questions about Slither
What is Slither?
Slither is a Model Context Protocol (MCP) server that mcp server for slither static analysis of solidity smart contracts It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Slither?
Follow the installation instructions on the Slither GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Slither?
Slither works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Slither free to use?
Yes, Slither is open source and available under the AGPL-3.0 license. You can use it freely in both personal and commercial projects.
Slither Alternatives — Similar Security Servers
Looking for alternatives to Slither? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Slither in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Slither?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.