Slither

0.11.5 verified Mon Apr 27 auth: no python

Slither is a Solidity and Vyper static analysis framework written in Python 3. It provides a suite of vulnerability detectors, visualizes contract details via printers, and includes tools for upgradeability checks, mutation testing, and code flattening. Current version: 0.11.5 (requires Python >=3.10). Releases occur several times per year.

pip install slither-analyzer
error ModuleNotFoundError: No module named 'crytic_compile'
cause crytic-compile is an optional dependency but required for compilation. It is not installed automatically in all environments.
fix
pip install crytic-compile
error slither: error: unrecognized arguments: --detect similar-names
cause The 'similar-names' detector was removed in slither 0.10.3.
fix
Remove --detect similar-names from your command. Use a different detector or update your scripts.
error Exception: Solc is not in PATH. Is Solidity installed?
cause Slither cannot find the solc binary. It is required to compile contracts.
fix
Install solc (e.g., via solc-select: pip install solc-select && solc-select install 0.8.20 && solc-select use 0.8.20) or ensure solc is in your PATH.
breaking Python 3.10 or higher is required as of version 0.11.5. Older Python versions (3.8, 3.9) are no longer supported.
fix Upgrade to Python 3.10+ or pin slither-analyzer<0.11.5.
breaking In version 0.11.0, the Contract class properties for variables and the *Calls API were refactored. Code accessing contract.variables or contract.functions may break.
fix Use contract.variables_as_dict() or contract.functions_as_dict() for dictionary access. Refer to the changelog for details.
gotcha Slither requires a Solidity compiler (solc) installed. If solc is not in PATH, analysis fails. Use solc-select to manage versions.
fix Install solc-select and set the desired version: pip install solc-select && solc-select install 0.8.20 && solc-select use 0.8.20
deprecated The detector 'similar-names' was removed in version 0.10.3.
fix Remove --detect similar-names from your command line.
gotcha When using slither in a script, you must call slither.run_detectors() explicitly; just creating a Slither object does not run detectors.
fix Call slither.run_detectors() with the list of detectors you wish to execute.
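
The failures listed above can be caught before Slither is invoked, for example at the start of a CI job. The following is an added example, not part of Slither or of the original page; the function names `preflight` and `removed_detectors_in` and the sample command line are assumptions made for illustration.

```python
import importlib.util
import shutil
import sys

REMOVED_DETECTORS = {"similar-names"}  # removed in 0.10.3, per this page
MIN_PYTHON = (3, 10)                   # required as of 0.11.5, per this page


def removed_detectors_in(argv):
    """Return removed detector names requested through --detect (hypothetical helper)."""
    requested = []
    for i, arg in enumerate(argv):
        if arg == "--detect" and i + 1 < len(argv):
            requested += argv[i + 1].split(",")
        elif arg.startswith("--detect="):
            requested += arg.split("=", 1)[1].split(",")
    return sorted(REMOVED_DETECTORS.intersection(n.strip() for n in requested))


def preflight(argv, python_version=None, which=shutil.which,
              find_spec=importlib.util.find_spec):
    """Return the problems that would stop a Slither run (hypothetical helper)."""
    problems = []
    version = tuple(python_version or sys.version_info[:2])
    if version < MIN_PYTHON:
        problems.append(f"Python {version[0]}.{version[1]} is older than 3.10")
    if find_spec("crytic_compile") is None:
        problems.append("crytic_compile missing: pip install crytic-compile")
    if which("solc") is None:
        problems.append("solc not in PATH: install a version with solc-select")
    for name in removed_detectors_in(argv):
        problems.append(f"detector '{name}' was removed: drop it from --detect")
    return problems


if __name__ == "__main__":
    # Constructed sample command line, as a CI job might invoke Slither.
    sample = ["slither", ".", "--detect", "reentrancy-eth,similar-names"]
    for problem in preflight(sample):
        print("preflight:", problem)
```

The `which` and `find_spec` parameters exist so the checks can be exercised without changing the real environment.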

Basic usage: load a contract, iterate over its structure, and run all built-in detectors.

from slither import Slither

# Analyze a Solidity file
slither = Slither('path/to/contract.sol')
for contract in slither.contracts:
    print(f"Contract: {contract.name}")
    for function in contract.functions:
        print(f"  Function: {function.name}")

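# Run all detectors: register each detector class, then call run_detectors()
import inspect
from slither.detectors import all_detectors
from slither.detectors.abstract_detector import AbstractDetector

for _, detector in inspect.getmembers(all_detectors, inspect.isclass):
    if issubclass(detector, AbstractDetector):
        slither.register_detector(detector)

# run_detectors() takes no arguments and returns one list of findings per detector
results = slither.run_detectors()
for detector_result in results:
    print(detector_result)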