Comprehensive Security for Your Skills & Contracts
Upload code and get instant results — automated permission audits, vulnerability detection, and stress testing to keep every line of code production-ready.
Full-lifecycle security coverage for Skills — making security a natural part of every development workflow.
One-click comprehensive scan for Skill security risks — intelligently detects permission vulnerabilities, configuration issues, and injection threats with a multi-dimensional health score.
Precise scanning of EVM / Solana contract source code — detects reentrancy attacks, integer overflows, access control issues, and other high-severity vulnerabilities.
Simulate real high-concurrency scenarios, collect P50/P95/P99 latency and throughput metrics, and fully evaluate system capacity limits.
Automatically generates structured HTML reports covering risk summaries, detailed vulnerability lists, and remediation suggestions — ready to share with your team or clients.
From code upload to report generation — fully automated, zero manual configuration.
Drag and drop your Skill zip or contract source files. Supports multiple formats with instant parsing.
Large models parse the code logic in depth and are combined with rule libraries to identify security risks, covering the OWASP Top 10 and on-chain-specific vulnerabilities.
Professional report generated in seconds — includes risk ratings, vulnerability details, and remediation guidance. One-click download.
Everything you need to know about CodeAutrix — clear answers, no fluff.
Skill Security Audit accepts .zip archives containing your Skill or Agent code. Contract Audit supports .sol Solidity source files (EVM chains) and Rust-based Solana programs, as well as on-chain contract addresses for live analysis. All uploads are processed server-side and never shared with third parties.
Your code is stored only for the duration of the scan task and its associated report. It is never shared with other users or used for training. You can delete any task and its artifacts at any time from the Workspace panel.
No registration is required to run scans. Connecting a wallet (MetaMask or WalletConnect) is optional — it links your session to a persistent identity so your scan history is preserved across devices. Without a wallet, your tasks are tied to your browser session only.
Yes. Each IP address may submit up to 3 scan tasks per UTC calendar day across all scan types combined (Skill Audit, Contract Audit, and Stress Test). The counter resets at midnight UTC. This limit ensures fair usage and service stability for all users.
The Skill Security Audit produces five independent dimension scores — Privacy, Privilege, Integrity, Supply Chain, and Stability — each rated 0–100. The overall score is their arithmetic mean. Scores ≥ 80 are considered healthy; scores below 60 indicate significant risk. Each dimension deducts points based on matched risk patterns weighted by severity.
Contract Audit supports all EVM-compatible chains (Ethereum, BNB Chain, Polygon, Arbitrum, Base, etc.) via Solidity source code or on-chain address, and Solana programs via Rust/Anchor source code. More chains will be added in future releases.
Yes. Every completed scan generates a structured report viewable in the browser. For Skill Security Audit, a professional PDF report can be downloaded directly from the report page — suitable for sharing with your team, clients, or auditors.
Skill Security Audit targets Skill and Agent packages (AI tool code). It checks permissions, privilege escalation, data leakage, obfuscation, supply chain risks, and more, producing a 5-dimension health score.
Contract Audit targets smart contracts — both EVM (Solidity) and Solana (Rust/Anchor). It detects reentrancy, integer overflow, access control flaws, gas inefficiencies, and other chain-specific vulnerabilities using AI-powered analysis.