Yultrace Audit
Run Slither-backed EVM contract audits, pull Blockscout source, resolve security.txt, and probe MCP from your agent before you ship on-chain code.
Overview
yultrace-audit is a MCP server for the Ship phase that runs EVM Slither audits (demo and live), Blockscout source lookup, security.txt discovery, and MCP probing.
What is this MCP server?
- EVM Slither audit with zero-argument demo mode plus live audit path
- Blockscout contract source retrieval for review in-agent
- security.txt lookup for coordinated disclosure contacts
- MCP probe utility for connectivity and integration checks
- Remote streamable-http MCP at version 0.1.5 with PyPI-related website URL
- Server version 0.1.5
- 4 described capability areas: Slither audit, Blockscout, security.txt, MCP probe
- 1 streamable-http remote endpoint
What problem does it solve?
Shipping EVM contracts without Slither, explorer source, and disclosure context in one agent loop slows security review and invites missed basics.
Who is it for?
Solo Web3 builders using Claude Code or Cursor who want agent-driven Slither and explorer workflows before mainnet or public testnet launches.
Skip if: Pure off-chain SaaS teams with no Solidity footprint or orgs that require only licensed third-party audit reports with no agent tooling.
What do I get? / Deliverables
After registration, your agent can trigger Slither-oriented audit flows, fetch Blockscout source, look up security.txt, and verify MCP connectivity from the same security-focused tool surface.
- Slither-oriented audit output via agent-invoked demo or live paths
- Blockscout-sourced contract code in the agent session
- security.txt and MCP probe results for pre-ship security checklist
Recommended MCP Servers
Journey fit
Canonical shelf is Ship because the server is explicitly about Slither audits, exploit-oriented lookups, and security discovery—not greenfield implementation. Security subphase matches EVM Slither audit flows, Blockscout source review, security.txt lookup, and MCP probe tooling.
How it compares
EVM security and Slither MCP integration, not a generic code-review skill for application repos.
Common Questions / FAQ
Who is yultrace-audit for?
yultrace-audit is for developers shipping EVM smart contracts who want Slither audits, Blockscout source, security.txt, and MCP checks callable from an AI coding agent.
When should I use yultrace-audit?
Use it in the Ship security subphase when contracts are implemented and you need automated static analysis and disclosure metadata before release.
How do I add yultrace-audit to my agent?
Configure the streamable-http remote URL on candy-josh-writers-balance.trycloudflare.com in your MCP client, align with the published PyPI yultrace-mcp-audit package if you run locally, then reload tools.