GitHub user butthtio released solidity-cot-auditor, a Python-based security auditing framework that enhances static analysis findings from Slither by applying large language models to provide deeper context and actionable remediation guidance. The repository has gained 306 stars and 206 forks since release and is distributed under the Apache 2.0 license.
Four-Stage Pipeline Separates Explanation, Exploitation, Fixing, and Judgment
The tool implements a four-stage chain-of-thought pipeline designed to transform terse static analysis output into human-interpretable security intelligence. The Explainer generates technical context and determines whether a finding is a true or false positive. The ExploitWriter creates minimal proof-of-concept sketches so defenders can understand the attack vector. The Fixer produces unified diffs showing minimal remediation steps. The Judge assigns quality scores and flags logical inconsistencies across the outputs of the earlier stages.
This separation of concerns deliberately avoids a single monolithic prompt, which the creators argue produces more hallucinations and more generic output. Each role has a focused objective, which reduces hallucination rates compared with single-prompt approaches.
Bridging the Gap Between Static Analysis Speed and Human Interpretation
The tool addresses a critical gap in automated security workflows. Static analyzers like Slither are fast and reliable, but their output is terse. A finding like "reentrancy-eth" reveals which detector fired, but not why it matters in this specific contract, how an attacker would exploit it, or what a fix looks like.
By layering LLM analysis atop Slither's JSON output, this approach bridges automated detection with human-interpretable security intelligence, making findings immediately actionable for developers without requiring specialized security expertise. The tool uses OpenAI-compatible APIs and can work with various LLM providers.
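The following is an added illustration of the pipeline shape described above and is not code from the solidity-cot-auditor repository: it parses a constructed sample in the layout of Slither's JSON output (`results.detectors[]`), runs the Explainer, ExploitWriter and Fixer roles through an injected `llm(role, prompt)` callable that stands in for an OpenAI-compatible client, and applies deterministic Judge consistency checks. The `VERDICT:` line convention and the assumption that the Explainer is instructed to emit it are this example's own.

```python
import json
from dataclasses import dataclass, field
from typing import Callable

# Constructed sample in the layout of Slither's --json output: results.detectors[] entries.
SLITHER_JSON = json.dumps({"success": True, "error": None, "results": {"detectors": [
    {"check": "reentrancy-eth", "impact": "High", "confidence": "Medium",
     "description": "Reentrancy in Vault.withdraw(uint256): external call before state update",
     "elements": [{"type": "function", "name": "withdraw",
                   "source_mapping": {"filename_relative": "Vault.sol", "lines": [12, 13, 14]}}]},
    {"check": "naming-convention", "impact": "Informational", "confidence": "High",
     "description": "Parameter _amount is not in mixedCase", "elements": []}]}})

LLM = Callable[[str, str], str]  # (role, prompt) -> reply; wrap an OpenAI-compatible client here

@dataclass
class Report:
    check: str
    file: str
    explanation: str = ""
    verdict: str = ""  # "true_positive" or "false_positive", parsed from the Explainer reply
    scenario: str = ""
    fix_diff: str = ""
    judge_flags: list = field(default_factory=list)

def load_findings(raw: str, impacts=("High", "Medium")) -> list:
    """Parse Slither JSON and keep only findings worth an LLM pass."""
    data = json.loads(raw)
    if not data.get("success"):
        raise ValueError(data.get("error") or "slither run failed")
    return [d for d in data["results"]["detectors"] if d["impact"] in impacts]

def run_pipeline(finding: dict, llm: LLM) -> Report:
    elems = finding.get("elements") or [{}]
    file = elems[0].get("source_mapping", {}).get("filename_relative", "<unknown>")
    r = Report(finding["check"], file)
    summary = f"{finding['check']}: {finding['description']}"
    # Stage 1, Explainer: context plus a machine-readable verdict line it is told to emit.
    r.explanation = llm("explainer", summary)
    r.verdict = "false_positive" if "VERDICT: false_positive" in r.explanation else "true_positive"
    # Stage 2, ExploitWriter (defender-facing scenario) and stage 3, Fixer (unified diff).
    r.scenario = llm("exploit_writer", summary)
    r.fix_diff = llm("fixer", f"Unified diff against {file} for: {summary}")
    # Stage 4, Judge: deterministic cross-stage consistency checks before any LLM scoring.
    if r.verdict == "false_positive" and r.fix_diff.strip():
        r.judge_flags.append("Fixer emitted a diff for a finding the Explainer called a false positive")
    if r.verdict == "true_positive" and f"--- a/{file}" not in r.fix_diff:
        r.judge_flags.append(f"fix diff does not touch {file}")
    return r
```

With a real client, the four `llm` calls would each carry a role-specific system prompt; the Judge checks here run before any model-assigned quality score so that cheap, deterministic inconsistencies are caught first.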
Actionable Security Intelligence at Scale for Smart Contract Developers
For Web3 developers and security teams, the framework makes static analysis findings immediately actionable. Instead of receiving a list of potential vulnerabilities requiring manual investigation, developers receive contextualized explanations, exploit scenarios, specific code fixes, and quality assessments—all generated programmatically.
This represents an emerging pattern in AI-assisted security: combining fast, deterministic static analysis with LLM-powered contextual interpretation to produce actionable security intelligence at scale. The approach acknowledges that static analyzers excel at detection speed and consistency, while LLMs excel at contextual explanation and remediation guidance.
Reducing False Positive Burden Through Automated Triage
The Explainer role's ability to classify findings as true or false positives addresses another critical challenge in automated security: alert fatigue. By automating initial triage with LLM reasoning, the pipeline helps security teams focus on genuine vulnerabilities rather than investigating every static analyzer flag.
The 206 forks indicate active community experimentation with the framework, suggesting developers are adapting the four-role pipeline to their specific smart contract security workflows and potentially extending it to other blockchain platforms beyond Solidity.
Key Takeaways
- Solidity CoT Auditor gained 306 GitHub stars and 206 forks, using a four-stage LLM pipeline to enhance Slither static analysis output
- The pipeline separates concerns across Explainer (context/triage), ExploitWriter (attack scenarios), Fixer (remediation diffs), and Judge (quality scoring) roles
- This multi-role approach deliberately avoids monolithic prompts to reduce hallucinations and produce more actionable, specific security guidance
- The tool bridges static analysis speed with human-interpretable intelligence, making findings actionable for developers without specialized security expertise
- The framework uses OpenAI-compatible APIs and works with various LLM providers, representing an emerging pattern of combining deterministic analysis with LLM contextual interpretation