Semgrep (Solidity)

Open Source

Lightweight static analysis with custom Solidity rules. Fast pattern matching for security anti-patterns in smart contract code.

About

Semgrep is a fast, open-source static analysis engine with a growing library of community-contributed Solidity rules. It lets you write custom rules in a simple YAML format to catch security anti-patterns, coding mistakes, and style violations. Semgrep's Solidity support enables teams to enforce security standards in CI/CD pipelines with minimal configuration.

Categories

Static Analyzers

Chains

ethereum polygon arbitrum optimism base avalanche

Install

pip3 install semgrep

Quick Info

Pricing: freemium
Open Source: Yes
Last Updated: 2026-04-01