Roadmap
What's been built, what's in progress, and where OpenAudit AI is headed. This is a living document — contributions and feedback welcome.
Shipped
Core rule engine
Deterministic AST-based analysis for Solidity contracts.
CLI tool
The openaudit-ai analyze, explain, and rules commands, with JSON output.
AI explanation layer
Optional OpenAI-compatible integration for plain-language finding descriptions.
In Progress
npm package release
Publish openaudit-ai to npm for easy global installation.
Expanded rule set
More rules covering access control, proxy patterns, oracle manipulation, and gas vulnerabilities.
Planned
SARIF output support
Emit SARIF format for GitHub Code Scanning integration and native security tab support.
VS Code extension
Inline findings in the editor with hover descriptions and quick-fix suggestions.
Custom rules API
Allow teams to define project-specific rules with full AST visitor access.
Foundry & Hardhat plugins
Native integration with the most popular Solidity development frameworks.
Improved AI explanation layer
Context-aware explanations using contract-level context, not just snippet-level.
Web dashboard (optional)
A local or hosted UI for browsing findings across projects over time.
Config file support
openaudit.config.json for project-level rule configuration, ignores, and severity overrides.
Have a feature request or want to contribute? Open an issue or PR on GitHub.