Ramuh brings security insights from Mythril Platform API into your desktop. When your smart contracts are saved, if there are security issues detected by Mythril you'll get a notification and information abour the issues.
Ramuh brings the power of the MythX Platform API to your desktop.
It watches directories for changes on smart contract files, sends data to MythX security analysis platform and shows relevant security issues found on your code as desktop notifications.
First, install ramuh package:
$ npm i -g ramuh
For using ramuh you need MythX platform credential, either as an API key
or as a eth address and password pair. Ramuh expects these values to be set
as the environment variables MYTHX_API_KEY or MYTHX_ETH_ADDRESS and
MYTHX_PASSWORD.
Then, start it indicating MythX platform access credentials and the
directory to watch:
$ ramuh -contractspath /path/to/contracts
From this point, when you change *.sol files in /path/to/contracts, an
analysis request is sent to the MythX API endpoint. If any security issue is
detected, it will be shown to you as a desktop notification.
This video shows how all this works:
For more info join the MythX community at Discord.
FAQs
Ramuh brings security insights from Mythril Platform API into your desktop. When your smart contracts are saved, if there are security issues detected by Mythril you'll get a notification and information abour the issues.
The npm package ramuh receives a total of 0 weekly downloads. As such, ramuh popularity was classified as not popular.
We found that ramuh demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.
Research
Security News
Socket researchers uncovered a malicious PyPI package exploiting Deezer’s API to enable coordinated music piracy through API abuse and C2 server control.
Research
The Socket Research Team discovered a malicious npm package, '@ton-wallet/create', stealing cryptocurrency wallet keys from developers and users in the TON ecosystem.