Audit View
The Audit View provides a comprehensive interface for reviewing, triaging, and managing security findings.
Three-Panel Layout
The audit view uses a three-panel design optimized for efficient review:
┌────────────────┬─────────────────────┬────────────────┐
│                │                     │                │
│  Findings      │  Code View          │  Details       │
│  List          │                     │  Panel         │
│                │                     │                │
│  • Filter      │  • Syntax           │  • Description │
│  • Sort        │    highlighting     │  • Severity    │
│  • Select      │  • Line numbers     │  • Remediation │
│                │  • Annotations      │  • References  │
│                │                     │                │
└────────────────┴─────────────────────┴────────────────┘
Left Panel: Findings List
All findings for the current project, filterable by:
- Severity: Critical, High, Medium, Low
- Status: Open, In Progress, Resolved, Ignored
- File: Specific contract files
- Pattern: Vulnerability type
Click a finding to view it in context.
Center Panel: Code View
Source code with:
- Syntax highlighting for Solidity/Vyper
- Line numbers linked to findings
- Annotations showing affected lines
- File navigation via breadcrumbs
The vulnerable code is highlighted with severity-colored markers.
Right Panel: Details
Selected finding details:
| Section | Content |
|---|---|
| Summary | Brief description of the issue |
| Severity | Risk level and confidence score |
| Location | File path, line number, function |
| Impact | What could go wrong |
| Remediation | How to fix it |
| References | Related vulnerabilities, CVEs |
| AI Notes | LLM verification commentary |
Working with Findings
Triage Workflow
- Review - Read the finding details
- Verify - Check the code in context
- Decide - True positive or false positive?
- Act - Fix, assign, or dismiss
Status Options
| Status | Meaning |
|---|---|
| Open | New finding, needs review |
| In Progress | Being worked on |
| Resolved | Fixed in code |
| Ignored | False positive or accepted risk |
Bulk Actions
Select multiple findings to:
- Change status
- Assign to team member
- Add tags
- Export selection
Adding Comments
Document your analysis:
- Click Add Comment on a finding
- Write your notes (supports Markdown)
- Optionally mention team members with @username
- Comments are visible to all project members
Keyboard Shortcuts
| Shortcut | Action |
|---|---|
| j / k | Navigate findings (down/up) |
| o | Open selected finding |
| s | Toggle status dropdown |
| a | Assign finding |
| d | Dismiss as false positive |
| / | Focus search |
| ? | Show all shortcuts |
Code Navigation
Jump to Definition
Click function or contract names to jump to their definitions.
Cross-References
View where a function is called from or what it calls:
- Right-click on a function name
- Select Find References or Go to Definition
File Tree
Browse all analyzed files:
- Click the folder icon in the code panel
- Navigate the file tree
- Click a file to view its contents
Comparing Scans
Compare findings between two scans:
- Click Compare in the toolbar
- Select two scan dates
- View:
  - New findings (in latest only)
  - Resolved findings (in older only)
  - Unchanged findings
Exporting Findings
Export findings for external tools or reports:
Export Options
- PDF Report - Formatted security report
- CSV - Spreadsheet-compatible
- JSON - Machine-readable
- SARIF - GitHub Security compatible
- Markdown - Documentation-friendly
Export Scope
- All findings
- Filtered findings (current view)
- Selected findings only
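The new/resolved/unchanged split from Comparing Scans can also be reproduced outside the UI from two SARIF exports, for example to gate a pipeline on new findings only. This is an added example, not FirePan's own code; it assumes the exports use standard SARIF 2.1.0 fields (`ruleId`, `locations`, `partialFingerprints`), and the sample data, rule ids and paths are constructed.

```python
def finding_key(result):
    """Stable identity for one SARIF result.

    Prefers partialFingerprints, which survive line shifts; falls back to
    rule + file + start line, which breaks when code above the finding moves.
    """
    fps = result.get("partialFingerprints")
    if fps:
        return ("fp",) + tuple(sorted(fps.items()))
    loc = (result.get("locations") or [{}])[0].get("physicalLocation", {})
    uri = loc.get("artifactLocation", {}).get("uri", "")
    line = loc.get("region", {}).get("startLine", 0)
    return ("loc", result.get("ruleId", ""), uri, line)

def load_keys(sarif):
    """Collect finding keys from every run of a parsed SARIF document."""
    return {finding_key(r)
            for run in sarif.get("runs", [])
            for r in run.get("results", [])}

def compare_scans(older, latest):
    """Classify findings into the three buckets of the Compare view."""
    old, new = load_keys(older), load_keys(latest)
    return {
        "new": new - old,        # in latest only
        "resolved": old - new,   # in older only
        "unchanged": old & new,  # in both scans
    }

def sample_result(rule, uri, line):
    """Build a minimal SARIF result (constructed test data)."""
    return {"ruleId": rule, "locations": [{"physicalLocation": {
        "artifactLocation": {"uri": uri}, "region": {"startLine": line}}}]}

# Constructed sample exports; rule ids and file paths are hypothetical.
OLDER = {"version": "2.1.0", "runs": [{"results": [
    sample_result("reentrancy", "contracts/Vault.sol", 42),
    sample_result("unchecked-call", "contracts/Vault.sol", 88),
]}]}
LATEST = {"version": "2.1.0", "runs": [{"results": [
    sample_result("unchecked-call", "contracts/Vault.sol", 88),
    sample_result("tx-origin-auth", "contracts/Admin.sol", 17),
]}]}

if __name__ == "__main__":
    for bucket, keys in compare_scans(OLDER, LATEST).items():
        print(bucket, sorted(keys))
```

With the location fallback, a finding whose line number shifts between scans appears as one resolved and one new finding, so check whether the export carries fingerprints before relying on the diff.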
Integration with IDEs
Open findings directly in your IDE:
VS Code
- Install the FirePan VS Code extension
- Click Open in VS Code on any finding
- File opens at the exact line
JetBrains IDEs
A similar integration is available for IntelliJ/WebStorm.
Next Steps
- Surface Scan - Quick vulnerability scanning
- Deep Audit - Comprehensive analysis
- CI/CD Integration - Automated checks