smom-dbis-138/scripts/security/run-slither.sh

#!/bin/bash
# Automated static analysis with Slither
# Run this before security audit submission

set -euo pipefail

echo "=================================="
echo "Running Slither Analysis"
echo "=================================="
echo ""

# Check if slither is installed
if ! command -v slither &> /dev/null; then
    echo "❌ Slither not installed"
    echo "Install: pip install slither-analyzer"
    exit 1
fi

cd "$(dirname "$0")/../.."

# Output directory
REPORT_DIR="reports/security"
mkdir -p "$REPORT_DIR"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)

echo "📊 Analyzing contracts..."
echo ""

# Critical contracts to analyze
CONTRACTS=(
    "contracts/registry/UniversalAssetRegistry.sol"
    "contracts/bridge/UniversalCCIPBridge.sol"
    "contracts/governance/GovernanceController.sol"
    "contracts/liquidity/LiquidityManager.sol"
    "contracts/bridge/BridgeOrchestrator.sol"
    "contracts/plugins/PluginRegistry.sol"
)

for contract in "${CONTRACTS[@]}"; do
    echo "Analyzing: $contract"
    
    slither "$contract" \
        --exclude-dependencies \
        --json "$REPORT_DIR/slither_${TIMESTAMP}_$(basename $contract .sol).json" \
        > "$REPORT_DIR/slither_${TIMESTAMP}_$(basename $contract .sol).txt" 2>&1 || true
    
    echo "✅ Complete"
    echo ""
done

echo "=================================="
echo "Analysis Complete"
echo "=================================="
echo ""
echo "Reports saved to: $REPORT_DIR/"
echo ""
echo "Next steps:"
echo "1. Review high/medium severity findings"
echo "2. Fix critical issues"
echo "3. Document false positives"
echo "4. Re-run analysis"
echo ""