JSPM

smartguard-mcp

0.1.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 22
  • Score
    100M100P100Q59705F
  • License MIT

SmartGuard MCP Server - AI-powered smart contract security audit tools for Claude Code, Cursor, and AI coding agents. Detect reentrancy, access control, and quantum vulnerabilities.

Package Exports

  • smartguard-mcp
  • smartguard-mcp/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (smartguard-mcp) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

SmartGuard MCP

AI-powered smart contract security audit tools for Claude Code, Cursor, and AI coding agents.

Detect reentrancy, access control, overflow, oracle manipulation, and quantum vulnerabilities in Solidity contracts — directly from your AI assistant.

Quick Start

{
  "mcpServers": {
    "smartguard": {
      "command": "npx",
      "args": ["-y", "smartguard-mcp"]
    }
  }
}

Tools (5)

Tool Description
scan_contract Scan a single Solidity file for vulnerabilities
scan_contracts_directory Recursively scan all .sol files in a directory
scan_contract_snippet Scan a Solidity code snippet (no file needed)
list_vulnerability_patterns List all detectable vulnerability patterns
gas_optimization Analyze gas optimization opportunities

Detected Vulnerabilities (18 patterns)

Category Patterns Severity
Reentrancy External calls before state updates Critical
Access Control Missing modifiers, tx.origin, unprotected selfdestruct Critical-High
Delegatecall Untrusted delegatecall targets Critical
Arithmetic Integer overflow (pre-0.8), unchecked blocks High-Medium
Oracle Manipulation Direct reserve reading, balance-based pricing High
Frontrunning ERC20 approve race condition Medium
Timestamp block.timestamp dependence Medium
Gas DoS Unbounded loops, long revert strings Medium-Low
Storage Uninitialized storage pointers High
Quantum (PQC) ECDSA/ecrecover quantum vulnerability Medium
Best Practice Floating pragma, TODO comments Low-Info

Example Output

# SmartGuard Audit Report

**File**: contracts/Vault.sol
**Risk Score**: 65/100 (HIGH)

## Findings

### 🔴 SG-001: External call with value before state update (potential reentrancy)
- **Severity**: CRITICAL
- **Location**: contracts/Vault.sol:15:9
- **SWC**: SWC-107

**Recommendation**: Use checks-effects-interactions pattern or ReentrancyGuard.

Used With

Together, QuantumGuard + SmartGuard provide full-spectrum smart contract security: traditional vulnerabilities + quantum-future threats.

License

MIT