Security Tools

How to Use Slither for Smart Contract Security Analysis: A Practical Guide

Kennedy Owiro · November 5, 2025 · 10 min read

Slither is the most widely used static analysis tool for Solidity smart contracts. Built by Trail of Bits, it detects vulnerabilities in seconds, generates contract summaries, and integrates seamlessly into CI/CD pipelines. This guide walks you through installation, basic usage, CI integration, and writing custom detectors.

Installation

# Install via pip
pip3 install slither-analyzer

# Or via Docker
docker pull trailofbits/eth-security-toolbox

# Verify installation
slither --version

Basic Usage

# Analyze a single file
slither contracts/Vault.sol

# Analyze a Hardhat/Foundry project
cd my-project
slither .

# Skip dependency paths and drop informational-severity findings
slither . --filter-paths "node_modules" --exclude-informational

# JSON output for CI/CD
slither . --json output.json

Understanding Slither Output

Slither groups findings by detector. Each finding includes the vulnerable code location, detector name, severity level, and a brief description. Common detectors you'll see:

  • reentrancy-eth — Reentrancy with ETH transfer
  • reentrancy-no-eth — Reentrancy without ETH (state manipulation)
  • unprotected-upgrade — Missing authorization on upgrade functions
  • arbitrary-send-erc20 — Unrestricted ERC-20 transfers
  • locked-ether — Contract receives ETH but can't withdraw
  • tx-origin — Authentication using tx.origin

Slither Printers: Contract Analysis

# Function summary (visibility, state changes)
slither . --print function-summary

# Inheritance graph
slither . --print inheritance-graph

# Storage layout (crucial for proxy contracts)
slither . --print variable-order

# Call graph
slither . --print call-graph

CI/CD Integration (GitHub Actions)

# .github/workflows/security.yml
name: Security Analysis
on: [push, pull_request]
# upload-sarif needs write access to code-scanning results; a read-only default token is not enough
permissions:
  contents: read
  security-events: write
jobs:
  slither:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: crytic/slither-action@v0.4.0
        with:
          fail-on: high
          sarif: results.sarif
      # fail-on: high fails this step when high-impact findings exist, so the
      # upload must run unconditionally or those findings never reach the Security tab
      - uses: github/codeql-action/upload-sarif@v3
        if: always()
        with:
          sarif_file: results.sarif

Triage: Handling False Positives

Slither has a medium false positive rate. Use inline comments to suppress known false positives:

// slither-disable-next-line reentrancy-benign
(bool s,) = to.call{value: amt}("");  // Intentionally after state update

Tip: Only suppress after confirming it's a false positive. Track all suppressions in code review.
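To show how the `--json` report from the Basic Usage section can be gated in CI while keeping suppressions auditable, here is an added example (not from the original post and not part of Slither itself). It flattens the `results.detectors` entries into findings, then applies a `fail-on`-style impact threshold with an allowlist of reviewed (detector, file:line) pairs standing in for tracked suppressions. The report is a constructed sample; the field names follow Slither's JSON output format, and the file names and line numbers are made up.

```python
import json
from collections import Counter

# Constructed sample in the shape of `slither . --json output.json`
# (each results.detectors entry carries check, impact, confidence, description, elements).
SAMPLE_OUTPUT = json.dumps({"success": True, "error": None, "results": {"detectors": [
    {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
     "description": "Reentrancy in Vault.withdraw(uint256)",
     "elements": [{"type": "function", "name": "withdraw", "source_mapping": {
         "filename_relative": "contracts/Vault.sol", "lines": [42, 43, 44]}}]},
    {"check": "reentrancy-benign", "impact": "Low", "confidence": "Medium",
     "description": "Reentrancy in Vault.deposit()",
     "elements": [{"type": "function", "name": "deposit", "source_mapping": {
         "filename_relative": "contracts/Vault.sol", "lines": [30]}}]},
    {"check": "naming-convention", "impact": "Informational", "confidence": "High",
     "description": "Parameter Vault.deposit()._amt is not in mixedCase", "elements": []},
]}})

# Slither impact levels, ordered so a threshold comparison behaves like `fail-on`.
IMPACT_RANK = {"Informational": 0, "Optimization": 0, "Low": 1, "Medium": 2, "High": 3}

def load_findings(json_text):
    """Flatten Slither's JSON report into one dict per finding with file:line
    locations; refuse to gate on a report that Slither itself marked as failed."""
    report = json.loads(json_text)
    if not report.get("success"):
        raise RuntimeError(f"slither did not complete: {report.get('error')}")
    findings = []
    for det in report["results"]["detectors"]:
        where = []
        for el in det.get("elements", []):
            sm = el.get("source_mapping") or {}
            if sm.get("lines"):
                where.append(f"{sm['filename_relative']}:{min(sm['lines'])}")
        findings.append({"check": det["check"], "impact": det["impact"],
                         "confidence": det["confidence"], "where": where,
                         "description": det["description"].strip()})
    return findings

def gate(findings, fail_on="High", allowlist=frozenset()):
    """Return (should_fail, impact_counts, blocking_findings). A finding blocks the
    build when its impact is at or above fail_on and none of its (check, location)
    pairs is in the reviewed allowlist, so every suppression stays visible in review."""
    threshold = IMPACT_RANK[fail_on]
    counts = Counter(f["impact"] for f in findings)
    blocking = [f for f in findings if IMPACT_RANK[f["impact"]] >= threshold
                and not any((f["check"], loc) in allowlist for loc in f["where"])]
    return bool(blocking), counts, blocking
```

In a pipeline, read `output.json` into `load_findings`, keep the allowlist in a version-controlled file, and exit non-zero when `gate` reports `should_fail`.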

Beyond Basic Scanning

Slither is one part of a security strategy. It catches ~30-40% of vulnerabilities. For complete coverage, combine it with Semgrep custom rules, manual expert review, and challenge-based testing. Vultbase combines Slither + Semgrep + 1,200 patterns + engineer validation for comprehensive coverage.

Tags: Slither, static analysis, tutorial, security tools, CI/CD, Solidity

Written by

Kennedy Owiro

Founder & CTO, Vultbase

14+ years building security and QA systems at scale. Background in fintech security and Web3 smart contract testing. Built Vultbase's Intelligence Engine with 1,200+ exploit patterns from $40B+ in historical DeFi losses.
