Slither

v1.0.0Securitystable

MCP server for Slither static analysis of Solidity smart contracts

ethereummcpmodel-context-protocolpythonsecurity
Share:
89
Stars
0
Downloads
0
Weekly
0/5

What is Slither?

Slither is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for slither static analysis of solidity smart contracts

MCP server for Slither static analysis of Solidity smart contracts

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • MCP server for Slither static analysis of Solidity smart con

Use Cases

Solidity smart contract static analysis
Security vulnerability detection
Code quality assessment for blockchains
trailofbits

Maintainer

LicenseAGPL-3.0
Languagepython
Versionv1.0.0
UpdatedMay 19, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx slither

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Slither

Slither MCP Server wraps Trail of Bits' industry-standard Slither static analysis framework behind 12 structured MCP tools, giving AI assistants direct access to Solidity smart contract security analysis without leaving the conversation. It parses contract source code, maps inheritance hierarchies, traces function call graphs, lists all available security detectors, and executes them with filtering by severity and confidence level. Security researchers and Web3 developers use it to have Claude autonomously audit smart contracts, identify reentrancy and overflow vulnerabilities, review function visibility, and navigate complex multi-contract codebases.

Prerequisites

  • Python 3.11 or higher installed
  • uv package manager installed for running the server
  • Slither and its dependencies installed (pip install slither-analyzer)
  • A Solidity project with a supported build tool: Foundry, Hardhat, or equivalent
  • An MCP-compatible client such as Claude Desktop or Claude Code
1

Install Slither

Install the Slither static analysis tool, which the MCP server depends on.

pip install slither-analyzer
2

Install the Slither MCP server for Claude Code

Use the Claude MCP add command to install the server directly from the GitHub repository using uvx.

claude mcp add --transport stdio --scope user slither -- uvx --from git+https://github.com/trailofbits/slither-mcp slither-mcp
3

Or add manually to Cursor

For Cursor, add the server configuration to your ~/.cursor/mcp.json file.

4

Point the tools at your Solidity project directory

All 12 Slither MCP tools require a `path` parameter pointing to your Solidity project root. Ensure your project builds successfully before running analysis.

5

Run a detector scan via Claude

Ask Claude to run the Slither detectors on your project. Results are cached in artifacts/project_facts.json for faster subsequent queries.

Slither Examples

Client configuration

Cursor MCP configuration for the Slither server, using uvx to pull from GitHub.

{
  "mcpServers": {
    "slither": {
      "command": "uvx",
      "args": [
        "--from",
        "git+https://github.com/trailofbits/slither-mcp",
        "slither-mcp"
      ]
    }
  }
}

Prompts to try

Example prompts for auditing Solidity contracts with Slither via Claude.

- "List all contracts in my Solidity project at /path/to/project"
- "Run all Slither detectors on /path/to/project and show me high-severity findings"
- "Show me the full source code of the ERC20 contract in this project"
- "Map all callers of the withdraw function in the Vault contract"
- "List available Slither detectors filtered by reentrancy"
- "Show the inheritance hierarchy of the StakingPool contract"

Troubleshooting Slither

Slither fails to compile the project before analysis

Slither needs the project to compile successfully. Run `forge build` or `npx hardhat compile` in your project directory first and fix any compilation errors before running MCP tools.

uvx not found when adding the server

Install uv first with `pip install uv` or `curl -LsSf https://astral.sh/uv/install.sh | sh`. On some systems, uvx needs to be symlinked: `ln -s $(which uvx) /usr/local/bin/uvx`.

Analysis is slow on first run

Slither compiles and analyzes all contracts on first run, which can take a minute for large projects. Subsequent calls use the cache in artifacts/project_facts.json and are much faster.

Frequently Asked Questions about Slither

What is Slither?

Slither is a Model Context Protocol (MCP) server that mcp server for slither static analysis of solidity smart contracts It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Slither?

Follow the installation instructions on the Slither GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Slither?

Slither works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Slither free to use?

Yes, Slither is open source and available under the AGPL-3.0 license. You can use it freely in both personal and commercial projects.

Slither Alternatives — Similar Security Servers

Looking for alternatives to Slither? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

6.6k

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

5.1k

🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "slither": { "command": "npx", "args": ["-y", "slither"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Slither?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides