SNCheck
Open-source · Bittensor subnet security

Check subnet repos before miners run them.

SNCheck helps miners inspect Bittensor subnet repositories for wallet risk, unsafe install scripts, suspicious execution patterns, and upcoming repo trust signals.

Subnet repos move fast. Miners need a safer first check.

Bittensor miners often clone and run subnet repositories directly. Some repos may be unaudited, outdated, misconfigured, or unsafe to run on machines with wallet material. SNCheck gives miners an evidence-first review layer before execution.

Start with the CLI.

The CLI is the first real product — run it locally against any subnet repo or GitHub URL.

  • Scans local repos and GitHub URLs
  • Detects Bittensor wallet-path risk
  • Flags dangerous install patterns
  • Reports file, line, severity, and evidence
  • Supports JSON output for automation

terminal
$ pipx install sncheck
$ sncheck check https://github.com/example/subnet
Overall risk: High
Findings: 0 critical, 2 high, 4 medium

Bittensor-aware checks.

SNCheck reserves high severity for code that actually does something dangerous with wallet material — plain references are treated as low-risk context.

Wallet risk

Detects wallet path, hotkey, coldkey, and mnemonic references — and flags code that reads or exfiltrates key material.

Install risk

Flags curl-to-shell, wget-to-shell, base64 execution, and risky setup scripts.

Python execution risk

Detects eval, exec, os.system, subprocess shell usage, and unsafe pickle loads.

Repo trust

Future verification for official subnet repositories and monitored commits.
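
The Python execution checks listed above can be approximated with an AST walk that flags real calls and ignores mentions in comments or strings. This is an added example, not SNCheck's own code; the rule table, the severity levels and the `scan_source` helper are assumptions made for illustration.

```python
import ast

# Assumed rule table for this sketch: dotted call name -> (severity, note).
RULES = {
    "eval": ("high", "evaluates a string as code"),
    "exec": ("high", "executes a string as code"),
    "os.system": ("high", "runs a command through the shell"),
    "pickle.load": ("medium", "unpickling can run code from its input"),
    "pickle.loads": ("medium", "unpickling can run code from its input"),
}
SUBPROCESS_FUNCS = {"run", "call", "check_call", "check_output", "Popen"}

def dotted_name(node):
    """Return 'a.b' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        return ".".join(reversed(parts + [node.id]))
    return None

def has_shell_true(call):
    """True only when the call passes the literal keyword shell=True."""
    return any(kw.arg == "shell" and isinstance(kw.value, ast.Constant)
               and kw.value.value is True for kw in call.keywords)

def scan_source(source, filename="<memory>"):
    """Return findings (file, line, severity, rule, note, evidence) by line."""
    lines, findings = source.splitlines(), []
    for node in ast.walk(ast.parse(source, filename=filename)):
        name = dotted_name(node.func) if isinstance(node, ast.Call) else None
        hit = RULES.get(name)
        module, _, func = (name or "").partition(".")
        if module == "subprocess" and func in SUBPROCESS_FUNCS and has_shell_true(node):
            hit = ("high", "subprocess call with shell=True")
        if hit:
            findings.append({"file": filename, "line": node.lineno,
                             "severity": hit[0], "rule": name, "note": hit[1],
                             "evidence": lines[node.lineno - 1].strip()})
    return sorted(findings, key=lambda f: f["line"])

# Constructed sample input, not taken from any real subnet repository.
SAMPLE = '''\
import os, pickle, subprocess
# eval() is only mentioned in this comment, never called
subprocess.run(["git", "pull"])
subprocess.run("pip install -r requirements.txt", shell=True)
state = pickle.loads(open("state.bin", "rb").read())
os.system("bash setup.sh")
print(eval("1 + 1"))
'''
```

Calling `scan_source(SAMPLE, "miner.py")` reports lines 4 to 7 and skips both the comment on line 2 and the list-form `subprocess.run` on line 3. Aliased imports such as `from os import system` are outside what this sketch resolves.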

From CLI to trust platform.

The CLI is step one. Over time, SNCheck grows into a public trust layer for subnet repositories.

SNCheck CLI

Now

Open-source scanner for checking subnet repos before miners run them.

Public scan reports

Next

Shareable repo reports with the latest scanned commit and a risk summary.

Verified subnet repo pages

Planned

Ownership-verified pages for official subnet repositories and monitored commits.

Continuous monitoring

Planned

Re-scan repositories on new commits and surface changes in risk over time.

GitHub App checks

Planned

Run SNCheck automatically on pull requests and pushes via a GitHub App.

AI-assisted review

Research

Augment static rules with model-assisted review of suspicious patterns.

Researcher submissions

Research

A portal for researchers to submit findings about subnet repositories.

Bug bounty contests

Planned

Future researcher contests for subnet security and incentive integrity.