Solana Security Standard
Verified · yesterdayScan Solana/Anchor code against the Solana Security Standard and serve the ruleset to MCP clients.
Install
claude mcp add solana-security-mcp -- npx -y @jelleo/[email protected]
Our take
The repo is the SOL-0XX 'Solana Security Standard' — 52 pattern-based rules for Solana/Anchor bug classes the author says are distilled from real exploit post-mortems — and the MCP server is its mcp/ subfolder (the @jelleo/solana-security-mcp npm package points there), serving the ruleset and a scan tool to any client; the same rules also ship as a zero-dependency CLI, Semgrep port, GitHub Action, Open VSX editor extension, and Claude Code plugin, with checksummed and SSH-signed releases. Caveats: the whole project is about six weeks old (created late May 2026), written by a single pseudonymous auditor, and the rules are regex/pattern matching — a lint layer that will miss logic bugs, not an audit substitute — while the '$514M of exploits' and bounty-win framing are the author's own claims. Actively maintained (v1.12.0, 604 weekly npm downloads). For Solana/Anchor teams wanting a cheap security gate in editors and CI.
Verification record
- yesterday
- 35
- 4 days ago
- no
- MIT
- 604
- 1.5.1
- 2026-06-30