https://github.com/trailofbits/skills
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
https://github.com/trailofbits/skills
agent-skills
Last synced: 7 days ago
JSON representation
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
- Host: GitHub
- URL: https://github.com/trailofbits/skills
- Owner: trailofbits
- License: cc-by-sa-4.0
- Created: 2026-01-14T18:23:21.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2026-06-15T16:05:05.000Z (19 days ago)
- Last Synced: 2026-06-18T08:34:49.196Z (16 days ago)
- Topics: agent-skills
- Language: Python
- Homepage:
- Size: 1.48 MB
- Stars: 5,756
- Watchers: 64
- Forks: 504
- Open Issues: 29
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS
- Agents: AGENTS.md
Awesome Lists containing this project
- awesome-claude-skills - Trail of Bits Security Skills
- awesome-claude-skills - Trail of Bits Security Skills - Security skills for static analysis with CodeQL/Semgrep, variant analysis, code auditing, and fix verification. (🛡 Security & Web Testing)
- awesome-claude-code - **skills**
- awesome-claude-code-security - Trail of Bits Skills - Security research skills for Claude Code: vulnerability detection and audit workflows from Trail of Bits. (📦 Plugins, Extensions, and Supply Chain / Claude Code Specific)
- awesome-ai-security - Trail of Bits Skills Marketplace - _Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows_ (Agentic AI Security Skills / Data & Supply Chain Security)
- awesome-claude-code - trailofbits/skills - square&logo=github) | Security research skills from Trail of Bits | (Skills & Plugins)
- awesome-solidity - Trail of Bits Skills - Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows. [](https://github.com/trailofbits/skills) (AI & Agentic Development / Skills)
- awesome-claude-code-and-skills - trailofbits/skills - square) (Security & Compliance / Security Analysis)
- fucking-awesome-python - trailofbits-skills - Python-friendly security skills for auditing, testing, and safer backend development. (AI and Agents)
- awesome-python - trailofbits-skills - Python-friendly security skills for auditing, testing, and safer backend development. (AI and Agents)
- awesome-openclaw-skills - trailofbits/skills
- awesome-github-repos - trailofbits/skills - Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows (Python)
- awesome-skills-zh - **trailofbits/skills**
- awesome-codex-cli - Trail of Bits Security Skills - A very professional collection of over a dozen security-focused skills for code auditing and vulnerability detection. Includes skills for static analysis with CodeQL and Semgrep, variant analysis across codebases, fix verification, and differential code review. (Agent Skills / General)
- awesome-claude-code-cn - Trail of Bits Security Skills - 一组非常专业的安全技能集合,包含十几个用于代码审计和漏洞检测的技能。包括使用 CodeQL 和 Semgrep 进行静态分析的技能、跨代码库的变体分析、修复验证和差异代码审查。 (代理技能 🤖 / 通用)
- awesome-agent-skills - trailofbits/skills - references` 📚 `has-scripts` 📜 `spec-compliant` ✅ (📦 Skill Collections)
- awesome-agent-skills - skills - Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows. (Security Review Skills)
- awesome-rainmana - trailofbits/skills - Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows (Python)
- claude-code-skills-zh - trailofbits-skills
README
# Trail of Bits Skills Marketplace
A Claude Code plugin marketplace from Trail of Bits providing skills to enhance AI-assisted security analysis, testing, and development workflows. Codex can load this marketplace through its Claude marketplace compatibility.
> Also see: [claude-code-config](https://github.com/trailofbits/claude-code-config) · [skills-curated](https://github.com/trailofbits/skills-curated) · [claude-code-devcontainer](https://github.com/trailofbits/claude-code-devcontainer) · [dropkit](https://github.com/trailofbits/dropkit)
## Installation
### Claude Code Marketplace
```
/plugin marketplace add trailofbits/skills
```
### Browse and Install Plugins
```
/plugin menu
```
### Codex
Codex supports Claude plugin marketplaces directly, so this repository does not need Codex-specific sidecar metadata.
Install the marketplace with:
```sh
codex plugin marketplace add trailofbits/skills
codex plugin list
codex plugin add @trailofbits
```
### Local Development
To add the marketplace locally (e.g., for testing or development), navigate to the **parent directory** of this repository:
```
cd /path/to/parent # e.g., if repo is at ~/projects/skills, be in ~/projects
/plugins marketplace add ./skills
```
## Available Plugins
### Smart Contract Security
| Plugin | Description |
|--------|-------------|
| [building-secure-contracts](plugins/building-secure-contracts/) | Smart contract security toolkit with vulnerability scanners for 6 blockchains |
| [entry-point-analyzer](plugins/entry-point-analyzer/) | Identify state-changing entry points in smart contracts for security auditing |
### Code Auditing
| Plugin | Description |
|--------|-------------|
| [agentic-actions-auditor](plugins/agentic-actions-auditor/) | Audit GitHub Actions workflows for AI agent security vulnerabilities |
| [audit-context-building](plugins/audit-context-building/) | Build deep architectural context through ultra-granular code analysis |
| [burpsuite-project-parser](plugins/burpsuite-project-parser/) | Search and extract data from Burp Suite project files |
| [c-review](plugins/c-review/) | Comprehensive C/C++ security review with clustered parallel workers and SARIF output |
| [differential-review](plugins/differential-review/) | Security-focused differential review of code changes with git history analysis |
| [dimensional-analysis](plugins/dimensional-analysis/) | Annotate codebases with dimensional analysis comments to detect unit mismatches and formula bugs |
| [fp-check](plugins/fp-check/) | Systematic false positive verification for security bug analysis with mandatory gate reviews |
| [insecure-defaults](plugins/insecure-defaults/) | Detect insecure default configurations, hardcoded credentials, and fail-open security patterns |
| [semgrep-rule-creator](plugins/semgrep-rule-creator/) | Create and refine Semgrep rules for custom vulnerability detection |
| [semgrep-rule-variant-creator](plugins/semgrep-rule-variant-creator/) | Port existing Semgrep rules to new target languages with test-driven validation |
| [sharp-edges](plugins/sharp-edges/) | Identify error-prone APIs, dangerous configurations, and footgun designs |
| [static-analysis](plugins/static-analysis/) | Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing |
| [supply-chain-risk-auditor](plugins/supply-chain-risk-auditor/) | Audit supply-chain threat landscape of project dependencies |
| [testing-handbook-skills](plugins/testing-handbook-skills/) | Skills from the [Testing Handbook](https://appsec.guide): fuzzers, static analysis, sanitizers, coverage |
| [trailmark](plugins/trailmark/) | Code graph analysis, Mermaid diagrams, mutation testing triage, and protocol verification |
| [variant-analysis](plugins/variant-analysis/) | Find similar vulnerabilities across codebases using pattern-based analysis |
### Malware Analysis
| Plugin | Description |
|--------|-------------|
| [yara-authoring](plugins/yara-authoring/) | YARA detection rule authoring with linting, atom analysis, and best practices |
### Verification
| Plugin | Description |
|--------|-------------|
| [constant-time-analysis](plugins/constant-time-analysis/) | Detect compiler-induced timing side-channels in cryptographic code |
| [mutation-testing](plugins/mutation-testing/) | Configure mewt/muton mutation testing campaigns — scope targets, tune timeouts, optimize long runs |
| [property-based-testing](plugins/property-based-testing/) | Property-based testing guidance for multiple languages and smart contracts |
| [spec-to-code-compliance](plugins/spec-to-code-compliance/) | Specification-to-code compliance checker for blockchain audits |
| [zeroize-audit](plugins/zeroize-audit/) | Detect missing or compiler-eliminated zeroization of secrets in C/C++ and Rust |
### Reverse Engineering
| Plugin | Description |
|--------|-------------|
| [dwarf-expert](plugins/dwarf-expert/) | Interact with and understand the DWARF debugging format |
### Mobile Security
| Plugin | Description |
|--------|-------------|
| [firebase-apk-scanner](plugins/firebase-apk-scanner/) | Scan Android APKs for Firebase security misconfigurations |
### Development
| Plugin | Description |
|--------|-------------|
| [ask-questions-if-underspecified](plugins/ask-questions-if-underspecified/) | Clarify requirements before implementing |
| [devcontainer-setup](plugins/devcontainer-setup/) | Create pre-configured devcontainers with Claude Code and language-specific tooling |
| [gh-cli](plugins/gh-cli/) | Intercept GitHub URL fetches and redirect to the authenticated `gh` CLI |
| [git-cleanup](plugins/git-cleanup/) | Safely clean up git worktrees and local branches with gated confirmation workflow |
| [let-fate-decide](plugins/let-fate-decide/) | Draw Tarot cards using cryptographic randomness to add entropy to vague planning |
| [modern-python](plugins/modern-python/) | Modern Python tooling and best practices with uv, ruff, and pytest |
| [seatbelt-sandboxer](plugins/seatbelt-sandboxer/) | Generate minimal macOS Seatbelt sandbox configurations |
| [second-opinion](plugins/second-opinion/) | Run code reviews using external LLM CLIs (OpenAI Codex, Google Gemini) on changes, diffs, or commits. Bundles Codex's built-in MCP server. |
| [skill-improver](plugins/skill-improver/) | Iterative skill refinement loop using automated fix-review cycles |
| [workflow-skill-design](plugins/workflow-skill-design/) | Design patterns for workflow-based Claude Code skills with review agent |
### Team Management
| Plugin | Description |
|--------|-------------|
| [culture-index](plugins/culture-index/) | Interpret Culture Index survey results for individuals and teams |
### Tooling
| Plugin | Description |
|--------|-------------|
| [claude-in-chrome-troubleshooting](plugins/claude-in-chrome-troubleshooting/) | Diagnose and fix Claude in Chrome MCP extension connectivity issues |
### Infrastructure
| Plugin | Description |
|--------|-------------|
| [debug-buttercup](plugins/debug-buttercup/) | Debug [Buttercup](https://github.com/trailofbits/buttercup) Kubernetes deployments |
## Trophy Case
Bugs discovered using Trail of Bits Skills. Found something? [Let us know!](https://github.com/trailofbits/skills/issues/new?template=trophy-case.yml)
When reporting bugs you've found, feel free to mention:
> Found using [Trail of Bits Skills](https://github.com/trailofbits/skills)
| Skill | Bug |
|-------|-----|
| constant-time-analysis | [Timing side-channel in ML-DSA signing](https://github.com/RustCrypto/signatures/pull/1144) |
## Contributing
We welcome contributions! Please see [CLAUDE.md](CLAUDE.md) for skill authoring guidelines.
## License
This work is licensed under a [Creative Commons Attribution-ShareAlike 4.0 International License](https://creativecommons.org/licenses/by-sa/4.0/). Made by [Trail of Bits](https://www.trailofbits.com/).