defirisk.co
rubric v1.7.0

Static-analyzer high-severity count

Chainlink CCIP's assessment for RD-F-010 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No published Slither/Mythril/Semgrep tool output found for CCIP deployed contracts. Code4rena Nov-2024 context mentions Slither/Aderyn tooling but no public findings document retrieved. Cannot determine high-severity count without tool run.

Sources #

  • Curator note
    Research gap: static analysis output unavailableNo public static-analysis report found for CCIP; Code4rena Nov-2024 references Slither/Aderyn but output not publishedretrieved 2026-05-16

Methodology #

Count the number of unique high-severity detector findings from Slither + Mythril + Semgrep run against the deployed verified source (after deduplication across tools).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol chainlink-ccip factor RD-F-010 score gray collected_at 2026-05-16 01:55:09