0xSENTINEL accepts pasted or uploaded Solidity source code, sends it through a Next.js server action, and runs an AST-backed analysis pass against common risk patterns.

When the parser cannot recover cleanly, the scanner falls back to regex heuristics so users still get a first-pass read. It remains a triage tool, not a substitute for a full manual audit or deeper symbolic analysis.

• ✓Reentrancy: Flags value-transferring external calls that often deserve manual ordering review.
• ✓tx.origin: Identifies authorization logic that depends on `tx.origin`.
• ✓Unchecked calls: Flags low-level calls when the success value is not obviously handled.
• ✓Weak randomness: Flags `block.timestamp`, `block.difficulty`, and `now` when used as entropy.
• ✓Floating pragma: Flags version ranges such as `pragma solidity ^0.8.0`.
• ✓delegatecall risk: Highlights delegatecall usage because it executes in the caller storage context.
• ✓selfdestruct usage: Flags shutdown primitives that can permanently alter production behavior.