Local-first Web3 repo scanner detecting malicious scripts and Solidity risks
It scans untrusted Web3 code repositories for dangerous lifecycle scripts, shell calls, wallet‑drainer patterns, and Solidity vulnerabilities. A Rust engine walks the files, computes a risk score, stores results in a local SQLite DB, and can anchor repository and report hashes to a smart contract for verifiable proof. Designed for developers and auditors who need privacy‑preserving security analysis before executing code. Unlike generic scanners, it offers offline operation, blockchain‑anchored verification, and a dedicated UI for Web3‑specific threats.
View on GitHub → PNMS2026/shadowrepo-shield