Is Slither Mcp safe to use?

Slither Mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under AGPL-3.0.

How do I install Slither Mcp?

Slither Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Slither Mcp do?

Slither Mcp provides 12 tools: list_contracts, get_contract, get_contract_source, get_function_source, list_functions and 7 more. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Slither Mcp?

Slither Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Slither Mcp actively maintained?

Slither Mcp is actively maintained — last commit was 10 days ago. It has 89 GitHub stars.

Slither Mcp

Name: Slither Mcp
Author: trailofbits

is · by trailofbits

MCP server for Slither static analysis of Solidity smart contracts

89 12 tools GitHub PyPI

No known CVEs

AGPL-3.0 license

Actively maintained

Last commit 10d ago

Works with most clients

Transport: stdio, http

12 tools · ~999 tok

Grade B · 0.5% of 200K ctx

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "slither-mcp": {
      "args": [
        "is"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/slither-mcp)](https://mcppedia.org/s/slither-mcp)

Read me

What Slither Mcp does

A Model Context Protocol (MCP) server that provides static analysis capabilities for Solidity smart contracts using Slither.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'is' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

82/100across 5 weighted dimensions

How we score →

0255075100

−18

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked is against OSV.dev.

Inventory

Tools (12)

Click any tool to inspect its schema.

~999 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Slither Mcp safe to use?: Slither Mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under AGPL-3.0.
How do I install Slither Mcp?: Slither Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Slither Mcp do?: Slither Mcp provides 12 tools: list_contracts, get_contract, get_contract_source, get_function_source, list_functions and 7 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Slither Mcp?: Slither Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Slither Mcp actively maintained?: Slither Mcp is actively maintained — last commit was 10 days ago. It has 89 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Slither Mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Security Developer Tools

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "slither-mcp": {
      "args": [
        "is"
      ],
      "command": "uvx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/slither-mcp)](https://mcppedia.org/s/slither-mcp)

Read me

What Slither Mcp does

A Model Context Protocol (MCP) server that provides static analysis capabilities for Solidity smart contracts using Slither.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

uvx 'is' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Slither MCP Server

A Model Context Protocol (MCP) server that provides static analysis capabilities for Solidity smart contracts using Slither.

Overview

This MCP server wraps Slither static analysis functionality, making it accessible through the Model Context Protocol. It can analyze Solidity projects (Foundry, Hardhat, etc.) and generate comprehensive metadata about contracts, functions, inheritance hierarchies, and more.

You can also use Slither MCP as an easy-to-use Slither API for other use cases.

Features

Caching: Slither runs are cached to {$PROJECT_PATH}/artifacts/project_facts.json for faster subsequent loads
MCP Tools: Query contract and function information through MCP tools
Security Analysis: Run Slither detectors and access results with filtering
Comprehensive Analysis: Extracts detailed information about:
- Contract metadata (abstract, interface, library flags)
- Function signatures and modifiers
- Inheritance hierarchies
- Function call relationships (internal, external, library calls)
- Security vulnerabilities and code quality issues
- Source code locations

While this is a v1.0 release, we anticipate API changes as we receive more feedback.

Installation

This project uses UV for package management:

# Install dependencies
uv sync

# Or install in development mode
uv pip install -e .

Usage

Basic Usage

Start the Slither MCP server:

uv run slither-mcp

All tools accept a path parameter that specifies which Solidity project to analyze. Projects are automatically cached in <path>/artifacts/project_facts.json for faster subsequent queries.

Use in Claude Code

claude mcp add --transport stdio --scope user slither -- uvx --from git+https://github.com/trailofbits/slither-mcp slither-mcp

Use in Cursor

Make sure uvx is on your Cursor path using sudo ln -s ~/.local/bin/uvx /usr/local/bin/uvx

In your ~/.cursor/mcp.json:

{
  "mcpServers": {
    "slither-mcp": {
      "command": "uvx --from git+https://github.com/trailofbits/slither-mcp slither-mcp",
    }
  }
}

Metrics and Privacy

Slither MCP includes opt-out metrics to help improve reliability by letting us know how often LLMs use each tool and their successful call rate. Metrics are enabled by default but can be permanently disabled.

What We Collect

Tool call events (which tools are used)
Success/failure status

We do not collect: tool call parameters, contract details, function names, or any project-specific information.

Disabling Metrics

To permanently opt out:

uv run slither-mcp --disable-metrics

For complete details, see METRICS.md.

MCP Tools

The server exposes tools for querying contract and function information. All tools accept a path parameter that specifies the Solidity project directory to analyze.

Query Tools

1. `list_contracts` - List contracts with filters

Requires: path (project directory) Filter contracts by type (concrete, abstract, interface, library) or path pattern.

2. `get_contract` - Get detailed contract information

Retrieve full contract metadata including functions, inheritance, and flags.

3. `get_contract_source` - Get contract source code

Returns the complete source code of the Solidity file containing the specified contract.

4. `get_function_source` - Get fun

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

82/100across 5 weighted dimensions

How we score →

0255075100

−18

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

Checked is against OSV.dev.

Inventory

Tools (12)

Click any tool to inspect its schema.

~999 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Slither Mcp safe to use?: Slither Mcp has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under AGPL-3.0.
How do I install Slither Mcp?: Slither Mcp supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Slither Mcp do?: Slither Mcp provides 12 tools: list_contracts, get_contract, get_contract_source, get_function_source, list_functions and 7 more. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Slither Mcp?: Slither Mcp is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Slither Mcp actively maintained?: Slither Mcp is actively maintained — last commit was 10 days ago. It has 89 GitHub stars.

Similar servers

Others in security / developer-tools

View all →

XcodeBuildMCP97

A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.

5.8k 2

XcodeBuildMCP97

XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.

5.8k 1

Mcp_agent_mail96

Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite

2.0k 6

Figma Console Mcp96

MCP server for accessing Figma plugin console logs and screenshots via Cloudflare Workers or local mode

1.7k 2

MCP Security Weekly

Get CVE alerts and security updates for Slither Mcp and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Slither Mcp

Install in your client

What Slither Mcp does

Test This Server

Why this score

82/100across 5 weighted dimensions

Security

Tools (12)

Reviews

Frequently Asked Questions

Similar servers

Discussion

Slither Mcp

Install in your client

What Slither Mcp does

Test This Server

Slither MCP Server

Overview

Features

Installation

Usage

Basic Usage

Use in Claude Code

Use in Cursor

Metrics and Privacy

What We Collect

Disabling Metrics

MCP Tools

Query Tools

1. list_contracts - List contracts with filters

2. get_contract - Get detailed contract information

3. get_contract_source - Get contract source code

4. get_function_source - Get fun

Why this score

82/100across 5 weighted dimensions

Security

Tools (12)

Reviews

Frequently Asked Questions

Similar servers

Discussion

Slither MCP Server

Overview

Features

Installation

Usage

Basic Usage

Use in Claude Code

Use in Cursor

Metrics and Privacy

What We Collect

Disabling Metrics

MCP Tools

Query Tools

1. list_contracts - List contracts with filters

2. get_contract - Get detailed contract information

3. get_contract_source - Get contract source code

4. get_function_source - Get fun

1. `list_contracts` - List contracts with filters

2. `get_contract` - Get detailed contract information

3. `get_contract_source` - Get contract source code

4. `get_function_source` - Get fun

1. `list_contracts` - List contracts with filters

2. `get_contract` - Get detailed contract information

3. `get_contract_source` - Get contract source code

4. `get_function_source` - Get fun