Why does the analyzer exclude read-only functions?

Read-only functions (like view or pure) cannot directly modify state or cause loss of funds, so they are excluded to keep the audit focus on high-risk state-changing logic.

How does the skill handle Solidity codebases specifically?

It first checks for the availability of Slither. If detected, it uses Slither's printer to extract high-accuracy entry point data before performing supplementary manual analysis.

Which smart contract languages are supported by this skill?

The skill supports a wide range of languages including Solidity (.sol), Vyper (.vy), Rust for Solana, Move (Aptos/Sui), TON (FunC/Tact), and CosmWasm.

How are access levels classified in the final report?

Entry points are categorized into Public (Unrestricted), Role-Restricted (e.g., admin or owner), Restricted (Review Required) for complex patterns, and Contract-Only for internal integrations.

Does this tool detect specific vulnerabilities like reentrancy?

No, this skill is specifically for attack surface mapping and entry point identification. It helps auditors find where to look, rather than flagging specific bugs.

Smart Contract Entry Point Analyzer

Name: Smart Contract Entry Point Analyzer
Author: pathvanasoftware

bypathvanasoftware

0•

Security & Testing

Identifies and categorizes state-changing entry points in smart contract codebases to streamline security audits and map attack surfaces.

The Smart Contract Entry Point Analyzer is a specialized auditing tool designed to systematically map the attack surface of decentralized applications across multiple ecosystems, including Ethereum, Solana, Move, TON, and CosmWasm. It focuses exclusively on state-changing functions, filtering out read-only calls to highlight privileged operations, role-restricted functions, and public entry points. By integrating with tools like Slither and performing manual pattern matching, it generates structured reports that classify access control levels, helping security researchers and developers identify potential vulnerabilities and understand the trust boundaries of their smart contracts.

Key Features

010 GitHub stars

02Automatic classification of functions into Public, Role-Restricted, and Contract-Only categories

03Multi-language support for Solidity, Vyper, Rust (Solana), Move, TON, and CosmWasm

04Seamless integration with Slither for automated entry point extraction in Solidity

05Structured Markdown report generation for comprehensive security documentation

06Strict filtering to exclude view/pure functions and focus on state-modifying logic

Use Cases

01Documenting external interfaces for complex multi-contract DeFi protocols

02Auditing access control patterns to verify administrative and privileged operations

03Mapping the attack surface at the start of a smart contract security audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add pathvanasoftware/iosstoragecleaner entry-point-analyzer

For use in Claude.ai and ChatGPT

Download Skill