GitHub
Skills harvested from GitHub repositories
14810 skills availabletrailmark
Parses source code into a directed graph of functions, classes, calls, and semantic metadata for security analysis. Mapp...
trailmark-summary
Runs trailmark analyze --language auto --summary on a target directory. Vivisect Phase 0 needs a quick structural overvi...
trailmark-structural
Builds a Trailmark graph and runs engine.preanalysis() to compute all four pre-analysis passes. Vivisect Phase 1 needs f...
graph-evolution
Builds Trailmark code graphs at two source snapshots and computes a structural diff. Surfaces security-relevant changes ...
genotoxic
Combines mutation testing and necessist (test statement removal) with code graph analysis to triage findings into action...
diagramming-code
Generates Mermaid diagrams from Trailmark's code graph. A pre-made script handles Mermaid syntax generation; Claude sele...
ruzzy
Ruzzy is a coverage-guided fuzzer for Ruby built on libFuzzer. It enables fuzzing both pure Ruby code and Ruby C extensi...
harness-writing
A fuzzing harness is the entrypoint function that receives random data from the fuzzer and routes it to your system unde...
fuzzing-obstacles
Codebases often contain anti-fuzzing patterns that prevent effective coverage. Checksums, global state (like time-seeded...
fuzzing-dictionary
A fuzzing dictionary provides domain-specific tokens to guide the fuzzer toward interesting inputs. Instead of purely ra...
coverage-analysis
Coverage analysis is essential for understanding which parts of your code are exercised during fuzzing. It helps identif...
constant-time-testing
Timing attacks exploit variations in execution time to extract secret information from cryptographic implementations. Un...
cargo-fuzz
cargo-fuzz is the de facto choice for fuzzing Rust projects when using Cargo. It uses libFuzzer as the backend and provi...
atheris
Atheris is a coverage-guided Python fuzzer built on libFuzzer. It enables fuzzing of both pure Python code and Python C ...
skill-improver
Iteratively improve a Claude Code skill using the skill-reviewer agent until it meets quality standards. Requires the pl...
seatbelt-sandboxer
Generate minimally-permissioned allowlist-based Seatbelt sandbox configurations for applications. User asks to "sandbox"...
property-based-testing
Use this skill proactively during development when you encounter patterns where PBT provides stronger coverage than exam...
ossfuzz
OSS-Fuzz is an open-source project developed by Google that provides free distributed infrastructure for continuous fuzz...
yara-rule-authoring
Write detection rules that catch malware without drowning in false positives. This skill targets YARA-X, the Rust-based ...
address-sanitizer
AddressSanitizer (ASan) is a widely adopted memory error detection tool used extensively during software testing, partic...
testing-handbook-generator
Generate and maintain Claude Code skills from the Trail of Bits Testing Handbook. Invoke this skill when: Creating new s...
wycheproof
Wycheproof is an extensive collection of test vectors designed to verify the correctness of cryptographic implementation...
claude-in-chrome-troubleshooting
Use this skill when Claude in Chrome MCP tools fail to connect or work unreliably. mcpclaude-in-chrome tools fail with "...
sharp-edges
Evaluates whether APIs, configurations, and interfaces are resistant to developer misuse. Identifies designs where the "...