AIToday

Open-source AI tool debuts for smart contract security audits

Hacker News · 6h ago · 5 min read

Key takeaway

AI Agent Audit, a new open-source Rust tool, helps security auditors find vulnerabilities in Solidity smart contracts by integrating with large language models (AI systems that understand and generate text). The tool is designed to speed up expert manual review rather than replace it, and works with repositories that teams are comfortable sharing with external AI providers. It launched in public beta for auditors, researchers, and protocol development teams.


3 Key Points

  • What happened

    AI Agent Audit, a Rust command-line tool, launched in public beta to assist security review of Solidity smart contracts. It discovers vulnerabilities, deduplicates findings, generates proof-of-concept code for validated issues, and produces audit reports. The creator used it in Code4rena competitions with encouraging results.

  • Why it matters

    The tool is designed to accelerate expert manual auditing rather than replace it, targeting smart contract auditors, security researchers, and protocol teams. It integrates with major AI providers (OpenAI/Codex by default, with support for Anthropic, Google, and DeepSeek). It runs locally, but the repositories it reviews are sent to the third-party LLM providers you configure. This may help security teams move faster on Solidity codebases, a high-stakes domain where vulnerabilities can lead to financial loss.

  • What to watch

    The tool is in public beta and not a hosted service; users must run it locally using Rust, Git, Slither, and Foundry or Node.js. The default audit pipeline uses ChatGPT/Codex and gpt-5.5 for active review. Code and documentation are publicly available, and the creator encourages security-conscious teams to review them before sharing their codebase with external model providers.

FAQ

What AI providers does the tool support?
The default audit pipeline uses OpenAI (ChatGPT/Codex). The tool also supports Anthropic, Google (Gemini), and DeepSeek as secondary options, though these are not required by the default review path.
Who should use this tool?
The tool is meant for smart contract auditors, security researchers, protocol teams doing internal review, and engineers experimenting with AI-assisted audit workflows on repositories they are allowed to share with external model providers.
Is this a replacement for manual auditing?
No. The tool is explicitly described as meant to accelerate expert review, not replace manual auditing. It is not a hosted service and not a substitute for human validation.
