A practical guide to using AI agents effectively for Solidity smart contract auditing. Covers why generic prompts fail in security contexts, and provides concrete prompt patterns for vulnerability detection, attack scenario generation, audit checklists, finding verification, and report generation. Advocates a structured
Table of contents
Why AI in Auditing Is a Different Beast
The Core Principles (That Most People Skip)
Give the Model a Role That Isn’t “Helper”
Context Is Not Optional — It’s Mandatory
Force Structured Output
Make the Model Show Its Work
The Prompt Patterns That Actually Matter
Vulnerability Detection
Attack Scenario Generation
Audit Checklist Pass
Report Generation
The Verification Prompt (Don’t Skip This One)
Building an Agent That Actually Audits
Integrating Tools the Right Way
Mistakes I See Constantly
What a Real Workflow Looks Like
The Checklist (Quick Reference)
Where This Is All Going