Venturus
Secure your smart contracts

Eagle Audit

Advanced smart contract security analysis powered by AI. Static analysis, deep vulnerability reports, interactive visualizations, and seamless API integration all in one platform.

Features

Everything you need to secure smart contracts

Professional-grade security tools, accessible directly in your browser.

Project Management
Upload code directly, clone from GitHub or directly from Etherscan. Over 60 chains are supported, including testnets. Seamlessly manage your smart contract workspace.
Static Analysis
Integrated with Slither, Aderyn, and Solhint to catch common vulnerabilities instantly.
Deep Reports
Scan your projects with a specialized AI agent to catch vulnerabilities. Our agents create and execute tests autonomously, generating comprehensive reports with proof of findings.
Call Graphs
Visualize internal and external calls with interactive graphs to understand contract flow.
Forge Tests
Run Forge unit tests directly in the browser and see results in real-time.
Interactive Chat
Chat with AI about your contract logic, potential bugs, and optimization opportunities.

Deep Analysis Example

See exactly what our AI agent finds. This is a real report generated from a vulnerable codebase.

eagle-audit-report-#4.pdf

Security Analysis Report

Target: snowman | Scan ID: REPORT-4

Model: gpt-5.1-codex-mini | 2/2/2026

Project Summary

The Snowman Merkle Airdrop system comprises three main contracts: Snow (ERC20 with weekly free-earn and paid purchase), Snowman (ERC721 on‐chain NFT), and SnowmanAirdrop (Merkle‐tree airdrop using EIP‐712 signatures). Our audit uncovered critical flaws across the protocol:

  • Snowman (ERC721) unrestricted mint: Any address can mint unlimited NFTs at no cost, and the mint routine is vulnerable to reentrancy DoS via the _safeMint hook.
  • Snow token economic bugs: The global earn timer can be DoSed by any user, blocking all others from earning. Users who overpay or underpay ETH in buySnow permanently lose funds until the collector withdraws, and the WETH transfer in collectFee is unchecked, risking stuck tokens.
  • SnowmanAirdrop logic faults: The airdrop contract never enforces the "has claimed" flag, allowing repeated claims if tokens are re-staked.

Lines of Code: 2450
Files Scanned: 4
Total Issues: 7

Severity Distribution

7 Findings
High: 2
Medium: 5

Critical Findings Preview

High: Unrestricted NFT Minting in Snowman
src/Snowman.sol:36-44

The Snowman contract's mintSnowman function is callable by any address without authorization, allowing attackers to mint unlimited NFTs to themselves at no cost. This breaks intended access control and devalues the NFT system.

Medium: Excess Ether Overpayment Not Refunded in buySnow
src/Snow.sol:77-87

In Snow.buySnow, if a user overpays ETH (i.e., sends more Ether than s_buyFee * amount), the surplus is not refunded and remains locked in the contract until collectFee is called by the collector.

...and 5 more findings in full report
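
The overpayment finding above, shown as a simplified pattern next to two common fixes. This is an added illustration, not the audited Snow.sol and not code from Eagle Audit; only s_buyFee and buySnow are names from the report, while the contract name, the balanceOf stand-in for the token mint, the errors and the three function variants are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

// Constructed illustration of the finding above; not the audited Snow.sol.
// Only s_buyFee and buySnow are names taken from the report.
contract SnowPaymentSketch {
    uint256 public immutable s_buyFee;            // price per token, in wei
    mapping(address => uint256) public balanceOf; // stand-in for the ERC20 mint

    error WrongPayment(uint256 sent, uint256 required);
    error RefundFailed();

    constructor(uint256 buyFee) {
        s_buyFee = buyFee;
    }

    // Simplified pattern with the effect the finding describes: only a lower
    // bound is checked, so any surplus stays in the contract balance.
    function buySnowLossy(uint256 amount) external payable {
        uint256 required = s_buyFee * amount;
        require(msg.value >= required, "underpaid");
        balanceOf[msg.sender] += amount;
    }

    // Hardened option 1: demand the exact price, so nothing can be stranded.
    function buySnowExact(uint256 amount) external payable {
        uint256 required = s_buyFee * amount;
        if (msg.value != required) revert WrongPayment(msg.value, required);
        balanceOf[msg.sender] += amount;
    }

    // Hardened option 2: accept overpayment but return the surplus.
    // State is updated before the external call (checks-effects-interactions).
    function buySnowRefund(uint256 amount) external payable {
        uint256 required = s_buyFee * amount;
        if (msg.value < required) revert WrongPayment(msg.value, required);
        balanceOf[msg.sender] += amount;
        uint256 surplus = msg.value - required;
        if (surplus > 0) {
            (bool ok, ) = msg.sender.call{value: surplus}("");
            if (!ok) revert RefundFailed();
        }
    }
}
```

The exact-payment variant is the simpler one to review because it makes no external call; the refund variant is friendlier to callers that cannot compute the price in advance.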
curl -X GET $deep_report/snowman
API First Design

Integrate Security directly into your CI/CD Pipeline

Eagle Audit isn't just a web interface. Our entire platform is built on top of a powerful, documented API that you can consume programmatically.

Automated Scanning

Trigger deep analysis scans automatically on every pull request or commit.

JSON & PDF Exports

Retrieve structured JSON data for your dashboards or full PDF reports for stakeholders.

Model Configuration

Select your favorite model for deep scans, including local models via Ollama.

POST /api/v1/deep_report/

curl -X POST "deep_report/" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "gpt-5.1-codex-mini",
    "provider": "azure-responses",
    "targets": [
      "src/PositionManager.sol",
      "src/UniversalRouter.sol"
    ],
    "workspace": "UniswapV4"
  }'

# Response
{ "scan_id": "SCAN-8842", "status": "queued", ... }