defirisk.co
rubric v1.7.0

Static-analyzer high-severity count

Aave v3's assessment for RD-F-010 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No Slither/Mythril/Semgrep tool run available for the deployed verified source across 21-chain deployment. T-10 flagged this as a systemic data gap for multi-chain lending protocols. Multiple Tier-1 audit firms substantially reduce probability of live high-severity undetected issues, but gray is the appropriate status without programmatic output.

Sources #

  • Internal
    T-10 Aave v3 Methodology IssuesT-10 §2.3.6 methodology issue #2 — Slither/Mythril infrastructure gapretrieved 2026-04-27

Methodology #

Count the number of unique high-severity detector findings from Slither + Mythril + Semgrep run against the deployed verified source (after deduplication across tools).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol aave-v3 factor RD-F-010 score gray collected_at 2026-04-27 23:28:46