Static-analyzer high-severity count

Falcon Finance's assessment for RD-F-010 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No published static analysis output. Using audits as proxy: Zellic 0C/0H/1M in audited scope. Post-TGE contracts (sFF, sFF-Prime, FF Staking Vault) unassessable. Scored yellow — partial audit evidence, unaudited surface material.

Detail #

No Slither/Mythril/Semgrep output published; closed-source prevents local tool run. Zellic found 0 critical, 0 high, 1 medium (StakedUSDf initialization failure on 0,0 params) in USDf/sUSDf scope. Pashov found 0 critical, 0 high per public summary. The unaudited post-TGE contracts represent a material unassessable surface. Scored yellow because: audited scope shows no live high-severity issues but the full contract suite cannot be assessed.

Sources #

Audit
Zellic Falcon Finance Audit FindingsZellic: 0C/0H/1M findings in USDf/sUSDf scoperetrieved 2026-05-12
Docs
Falcon Finance Audits DocumentationFalcon Finance audits page: 'No vulnerabilities of critical or high severity identified' per both firmsretrieved 2026-05-12

Methodology #

Count the number of unique high-severity detector findings from Slither + Mythril + Semgrep run against the deployed verified source (after deduplication across tools).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol falcon-finance factor RD-F-010 score yellow collected_at 2026-05-12 04:06:37