Automatic smart contract security scanning for every pull request. Catch vulnerabilities before they reach production.
When you open or update a pull request with Solidity file changes, SolSentinel automatically runs Wake (static analysis) and Solhint (linting) on the changed .sol files and posts a summary comment on the PR.
The comment includes vulnerability names, severity levels, SWC references, and links to notable real-world exploits. A deep link to the full scan report lets you explore detailed findings.
Visit the SolSentinel GitHub App page and click Install. Choose which repositories to grant access to. We recommend starting with a single repository.
The App only requests read access to code and pull requests, plus write access to PR comments.
After installation, go to Account Settings in SolSentinel and find the GitHub App Integration section. Enter your installation ID to link it to your paid tier.
Without linking, scans run on the free tier (Wake + Solhint only). Linked installations inherit your subscription tier for enhanced features.
Create or update a pull request that includes .sol file changes. SolSentinel will automatically scan the changed files and post a comment within 30–60 seconds.

Test files (test/, .t.sol), library files (lib/), and migration files are automatically skipped.
What you get with each tier in GitHub PR scans:
| Feature | Free | Pro Builder | Protocol Team | Audit Infrastructure |
|---|---|---|---|---|
| IR Static Analysis | Yes | Yes | Yes | Yes |
| Solhint Linting | Yes | Yes | Yes | Yes |
| Claude AI Semantic Analysis | - | Yes | Yes | Yes |
| Mythril + Foundry + Wake (full stack) | - | Yes | Yes | Yes |
| Scans per Repo / Day | 20 | 50 | Custom | Unlimited |
| Scan Report Deep Link | Yes | Yes | Yes | Yes |
| AI-Generated Fix Code | - | Yes | Yes | Yes |
| Dual-AI Consensus (Claude + Grok) | - | - | - | Yes |
| Scan History Dashboard | - | Yes | Yes | Yes |
| Compliance Attestation (MiCA / FIT21 / SOC 2 / ISO 27001) | - | Pay-per ($499 / $199) | 5 bundled / mo | Unlimited |
To prevent abuse, scans are rate-limited per repository and per organization:
| Scope | Limit |
|---|---|
| Per repository | 20 scans / day (configurable) |
| Per organization | 100 scans / day (configurable) |
| Max files per PR | 15 .sol files |
| Max lines per file | 500 additions |
| Scan timeout | 120 seconds |
The scanner automatically ignores files in these directories:
| Pattern | Reason |
|---|---|
| test/ / tests/ | Test files |
| mock/ / mocks/ | Mock contracts |
| lib/ | Foundry dependencies (OpenZeppelin, etc.) |
| .t.sol | Foundry test files |
| script/ | Foundry deploy scripts |
| migrations/ | Migration scripts |
| node_modules/ | NPM dependencies |
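The following is an added example, not SolSentinel's own code, that reproduces the file-selection rules described above: it applies the ignored-directory patterns and the .t.sol suffix rule, and enforces the per-PR limits (15 .sol files, 500 additions per file). The skip patterns and limits are taken from this page; the function names, the return structure, and the decisions to skip an over-size file and reject an over-size PR (the page does not say what happens when a limit is hit) are assumptions of this example.

```python
"""Added example (not SolSentinel's code): changed-file selection for a PR scan."""
from dataclasses import dataclass
from pathlib import PurePosixPath
from typing import Dict, List, Optional, Tuple

# Ignored directories and the reason given on the page for each.
SKIPPED_DIRS = {
    "test": "Test files",
    "tests": "Test files",
    "mock": "Mock contracts",
    "mocks": "Mock contracts",
    "lib": "Foundry dependencies (OpenZeppelin, etc.)",
    "script": "Foundry deploy scripts",
    "migrations": "Migration scripts",
    "node_modules": "NPM dependencies",
}
SKIPPED_SUFFIX = ".t.sol"  # Foundry test files

# Per-PR limits from the page.
MAX_FILES_PER_PR = 15
MAX_ADDITIONS_PER_FILE = 500


@dataclass(frozen=True)
class ChangedFile:
    path: str       # repo-relative POSIX path as GitHub reports it
    additions: int  # number of added lines in this PR


def skip_reason(path: str) -> Optional[str]:
    """Return why a path is skipped, or None if it should be scanned."""
    p = PurePosixPath(path)
    if p.suffix != ".sol":
        return "Not a Solidity file"
    if path.endswith(SKIPPED_SUFFIX):
        return "Foundry test files"
    # Assumption: an ignored directory name anywhere in the path is skipped
    # (e.g. src/test/Foo.sol), not only at the repository root.
    for part in p.parts[:-1]:
        if part in SKIPPED_DIRS:
            return SKIPPED_DIRS[part]
    return None


def select_files(changed: List[ChangedFile]) -> Tuple[List[str], Dict[str, str]]:
    """Split changed files into paths to scan and a path->reason map of skips.

    Assumption: a file over MAX_ADDITIONS_PER_FILE is skipped rather than
    scanned partially.
    """
    to_scan: List[str] = []
    skipped: Dict[str, str] = {}
    for f in changed:
        reason = skip_reason(f.path)
        if reason is None and f.additions > MAX_ADDITIONS_PER_FILE:
            reason = f"Exceeds {MAX_ADDITIONS_PER_FILE} additions"
        if reason is None:
            to_scan.append(f.path)
        else:
            skipped[f.path] = reason
    return to_scan, skipped


def check_pr_limits(to_scan: List[str]) -> Optional[str]:
    """Return an error message if the PR exceeds the file limit, else None."""
    if len(to_scan) > MAX_FILES_PER_PR:
        return f"PR has {len(to_scan)} .sol files; limit is {MAX_FILES_PER_PR}"
    return None


# Constructed sample input: a PR touching source, tests, a dependency and docs.
SAMPLE_PR = [
    ChangedFile("src/Vault.sol", 120),
    ChangedFile("test/Vault.t.sol", 40),
    ChangedFile("lib/openzeppelin/ERC20.sol", 10),
    ChangedFile("script/Deploy.sol", 30),
    ChangedFile("src/Token.sol", 900),
    ChangedFile("README.md", 5),
]

if __name__ == "__main__":
    scan, skips = select_files(SAMPLE_PR)
    print("scan:", scan)
    for path, why in skips.items():
        print(f"skip: {path} ({why})")
    print("limit check:", check_pr_limits(scan) or "ok")
```

Running the block on the constructed PR leaves only src/Vault.sol to scan; the test file, the dependency, the deploy script, the 900-line Token.sol and the README are each skipped with the reason the page gives.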
.sol files to run static analysis.
Files are processed in an isolated temporary directory and deleted immediately after scanning. No source code is stored.
Example PR comment:

**SolSentinel Security Scan**

Found 3 issue(s) across 2 file(s): 1 Critical • 1 High • 1 Medium

| File | Finding | Notable exploit |
|---|---|---|
| Vault.sol | State change after external call | The DAO ($60M lost) |
| Token.sol | Missing modifier on sensitive function | |
| Vault.sol | Return value not checked | |

Powered by SolSentinel • Wake + Solhint static analysis • 450ms • View full report