Quickstart
Get your first smart contract security scan running in under 5 minutes.
Prerequisites
- A GitHub repository with Solidity or Vyper contracts
Install the FirePan GitHub App
The fastest way to get started is by installing our GitHub App:
- Visit github.com/apps/firepan-ai
- Click Install and select your repositories
- You'll be redirected to your FirePan dashboard
That's it! FirePan will automatically scan your repositories and notify you of any findings.
Manual Scan (CLI)
For local development or CI/CD integration, use the FirePan CLI:
# Login with your FirePan account
firepan login
# Scan a GitHub repository
firepan scan https://github.com/your-org/your-repo --format html --output report.html
# Open the report in your browser
open report.html
Understanding Your Results
Risk Scores
| Score | Level | What it means |
|---|---|---|
| 70-100 | Critical | Major issues found, warrants immediate investigation |
| 50-69 | High | Significant findings, moderate concern |
| 25-49 | Medium | Some issues worth noting |
| 0-24 | Low | Minor findings, typical for battle-tested code |
Common Findings
FirePan detects a wide range of vulnerabilities:
- Reentrancy vulnerabilities - External calls before state updates
- Access control issues - Missing or weak authorization
- Integer overflow/underflow - For Solidity < 0.8.0
- Unprotected selfdestruct - Critical self-destruct without access control
- Unchecked external calls - Low-level calls without return validation
Next Steps
- Platform Overview - Learn about FirePan's capabilities
- Surface Scan - Deep dive into quick scanning
- Deep Audit - Learn about comprehensive audits
- Pricing - Explore our plans
Need Help?
- Dashboard: app.firepan.com
- Support: support@firepan.com