Skip to content
| Marketplace
Sign in
Visual Studio Code>AI>Chonky AiNew to Visual Studio Code? Get it now.
Chonky Ai

Chonky Ai

Preview

tintinweb

|
11 installs
| (0) | Free
A Superhuman LLM Auditing Agent for Solidity.
Installation
Launch VS Code Quick Open (Ctrl+P), paste the following command, and press enter.
Copied to clipboard
More Info

🍣 Chonky - A Superhuman LLM Auditing Agent for Solidity

Chonky Logo

Your AI-Powered Smart Contract Auditing Assistant

Version License Sponsors

Sponsor


VS Code Marketplace:

  • tintinweb.chonky
  • #> ext tintinweb.chonky

TLDR;

  • Agent Augmented Auditing
  • Automated Scoping
  • Automated In-Depth Security Analysis
  • Agentic Tooling for Deep Smart Contract Insights
  • Extending Agent capabilities with General Purpose LLM Tooling
  • Your Smart Contract Auditing Side-Kick!

Extends GitHub/Copilot Model Capabilities

🚀 Quick Start Guide

💬 Chat with Chonky

Use the @chonky chat participant for AI-assisted auditing

📊 Scope Solidity Projects

Generate comprehensive project scoping reports

🤖 Agent Automated Audits

Run comprehensive automated security analysis

**@chonky** #autoaudit Full security scan

🎯 Custom Chat Modes

Specialized chat modes for different audit phases

🔍 Discover Tools

Explore all available features for your tier

📜 Agentic Auditor Prompt Template

Pre-prompt your action with our agentic security auditor template.

⚡ Early Access / Sponsors / Professional

♥️ Sign In for Early Access Features (Sponsors)

Sponsor and get Early Access to experimental future features 😊. Ping me if you run into any problems 🤗.

⚡⚡ Custom Agentic Workflows

Ready-to-go Scoping/Auditing workflows, easy to extend and customize.

**@chonky** ...

⚡⚡ Access to a comprehensive list of Security Primers

Get access to our curated list of Solidity security primers to augment and automate your security auditing.

**@chonky** ...

🆕 What's New in v0.6.0

✨ Highlights

  • 🚀 Advanced Security Analysis Features
  • 🛡️ Enhanced AI-Powered Vulnerability Detection
  • ⚡ Improved Tier-Based Feature Access

🌟 New Features

  • ▸ Security primer discovery and loading system
  • ▸ Workflow repository with pre-built analysis templates
  • ▸ Tool configuration repository access
  • ▸ Interactive Solidity REPL (Chisel) integration
  • ▸ Comprehensive differential analysis orchestrator
  • ▸ AI-powered function similarity detection
  • ▸ Advanced vulnerability database search
  • ▸ MetaMask Snap security analysis
  • ▸ Multi-language scoping (Go, Rust, Solidity)
  • ▸ Etherscan and Sourcify integration
  • ▸ Semgrep static analysis integration

🚀 Improvements

  • ▸ Faster contract analysis
  • ▸ Improved tooltip experience
  • ▸ Enhanced sponsorship integration

🛠️ Feature Catalog

🆓 Base Features (16 tools)

Available to everyone

Feature Description
✅ Chonky Chat Participant AI-powered @chonky chat participant for intelligent assistance
✅ Solidity Metrics & Scoping Comprehensive project analysis and scoping reports
✅ Contract Structure Analysis Deep dive into contract architecture and patterns
✅ Inheritance Tree Analysis Visualize and analyze inheritance relationships
✅ Contract Flattening Flatten complex contract hierarchies
✅ Access Control Analysis Identify permission patterns and vulnerabilities
✅ Storage Layout Analysis Optimize storage packing and layout
✅ Deployable Contract Discovery Find contracts ready for deployment
✅ Import Dependency Analysis Map external dependencies and risks
✅ Surya Visualization Suite Generate graphs and visual contract analysis
✅ Solhint Code Quality Automated code quality and style checks
✅ JSON Processing Tools Advanced JSON parsing and analysis
✅ DateTime Utilities Timestamp and date manipulation tools
✅ Memory Store Persistent data storage across sessions
✅ Available Tools Discovery Explore all available Chonky capabilities
✅ Workspace File Search Intelligent file discovery and search

⚡ Early Access Features (15 tools)

Available earlier to sponsors

💡 Support development to get early access - Become a Sponsor

Feature Description
⚡ Custom Chat Modes Specialized chat modes for auditing workflows and scoping
⚡ Semgrep Security Analysis Advanced static analysis with custom rules
⚡ Solidity REPL (Chisel) Interactive Solidity execution environment
⚡ Reentrancy Detection Comprehensive reentrancy vulnerability analysis
⚡ Oracle Risk Analysis Identify oracle manipulation vulnerabilities
⚡ ERC Compliance Checker Verify token standard implementations
⚡ External Calls Analysis Map and analyze all external interactions
⚡ Event Pattern Analysis Verify event emission completeness
⚡ Function Similarity Detector AI-powered function pattern matching
⚡ Inconsistency Reporter Find security pattern discrepancies
⚡ Differential Analysis Orchestrator Comprehensive security pattern comparison
⚡ Smart Contract Invariants Verify contract invariant properties
⚡ Function Analysis Engine Deep function behavior and pattern analysis
⚡ Contract Call Graph Generator Advanced interaction flow visualization
⚡ Function Path Tracer Execution path analysis with wildcard selectors

👑 Professional Features (12 tools)

For security teams and researchers

🚀 Professional tools for advanced security research - Upgrade to Professional

Feature Description
👑 Security Primer Discovery Discover and search security analysis primers
👑 Security Primer Loading Load comprehensive security primers for AI analysis
👑 Workflow Repository Access Access pre-built security analysis workflows
👑 Tool Repository Access Access security tool configurations and templates
👑 Vulnerability Database Search Query Solodit for known vulnerabilities
👑 Diligence Vulnerability Database Access ConsenSys Diligence research database
👑 Go Codebase Scoping Security analysis for Go blockchain projects
👑 Rust Codebase Scoping Security analysis for Rust blockchain projects
👑 MetaMask Snap Analysis Comprehensive MetaMask Snap security review
👑 Etherscan Integration On-chain contract verification and analysis
👑 Sourcify Integration Source code verification and metadata analysis
👑 Public Codebase Search Search GitHub for similar contract patterns

📖 Documentation

Getting Started

  1. Install the Extension: Search for "Chonky" in VS Code Extensions
  2. Start Chatting: Use @chonky in any chat window (ask Mode)
  3. Discover Tools: Switch to Copilot Agentic Mode, ask about Chonky's available tools in natural language
  4. Scope Your Project: In Agentic or Scoping Mode, ask to scope the project

Chat Modes

Chonky supports specialized chat modes for different agentic workflows:

  • Scoping - Project scoping and analysis
  • Audit - Security auditing workflows

Tool Categories

  • 🔒 Security Analysis: Access control, reentrancy, external calls, oracle analysis
  • 🏗️ Contract Structure: Structure analysis, imports, inheritance, flattening
  • 📊 Code Quality: Events, ERC compliance, functions, invariants
  • 🌐 External Services: Etherscan, Sourcify, vulnerability databases
  • 🛠️ Utilities: Surya graphs, Solhint, scoping, memory store

🎯 Use Cases

Security Auditors

  • Comprehensive vulnerability detection
  • Automated pattern analysis
  • AI-assisted code review
  • Integration with external databases

Development Teams

  • Project scoping and metrics
  • Code quality assurance
  • ERC standard compliance
  • Continuous security monitoring

Security Researchers

  • Advanced vulnerability research
  • Pattern similarity detection
  • Multi-language analysis
  • Custom primer development

🔧 Installation

VS Code Marketplace

  1. Open VS Code
  2. Go to Extensions (Ctrl+Shift+X)
  3. Search for "Chonky"
  4. Click Install

Manual Installation

  1. Download the latest .vsix file from releases
  2. Open VS Code
  3. Run Extensions: Install from VSIX...
  4. Select the downloaded file

🤝 Contributing

We welcome contributions! Here's how you can help:

  1. Report Bugs: Open an issue with detailed information
  2. Feature Requests: Suggest new features or improvements
  3. Documentation: Help improve our docs
  4. Sponsorship: Support development through GitHub Sponsors

Development Setup

git clone https://github.com/tintinweb/vscode-chonky.git
cd chonky
npm install
npm run compile

💝 Support Development

Chonky is developed and maintained by passionate security researchers. Your support helps us:

  • 🔬 Research new vulnerabilities
  • 🛠️ Develop advanced tools
  • 📚 Create educational content
  • 🌍 Keep tools free for everyone

Sponsor

Sponsorship Tiers

  • 🆓 Base: Core features for everyone
  • ⚡ Early Access (see Sponsor page): Early access to new features
  • 👑 Professional (contact me): Advanced research tools

📄 License & Credits

Created by tintinweb - Security researcher and smart contract auditor with 7+ years in Blockchain security.


📞 Support & Community

  • GitHub Issues: Report bugs and request features
  • Twitter: @tintinweb
  • Website: Visit our website

Made with ♥️ by the security community

🏠 Home • 📖 Docs • 💝 Sponsor

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2025 Microsoft