Browse
Showing 20 of 75 components
/cs:cto-review <plan> — Architecture and scaling interrogation. Tech debt, scaling cliffs, team scaling, build-vs-buy. U...
Runs CodeQL and Semgrep for automated security vulnerability detection in codebases.
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemi...
Performs comprehensive C/C++ security review for memory corruption, integer overflows, race conditions, and platform-spe...
Security audit skill collection from Trail of Bits covering vulnerability detection, binary analysis, SAST, and secure c...
Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encou...
Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. Trig...
Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full rules...
Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, buil...
Author, test, and refine YARA rules for malware, exploit, and artifact detection while minimizing false positives.
Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when some...
Generates minimal macOS Seatbelt sandbox configurations. Use when sandboxing, isolating, or restricting macOS applicatio...
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when revie...
Verifies code implements exactly what documentation specifies for blockchain audits. Use when comparing code against whi...
Parses and processes SARIF files from static analysis tools like CodeQL, Semgrep, or other scanners. Triggers on "parse...
Searches and explores Burp Suite project files (.burp) from the command line. Use when searching response headers or bod...
Configure and run AFL++ fuzzing campaigns for C/C++ targets, including harness setup, corpus handling, dictionaries, par...
Set up cargo-fuzz for Rust crates, write effective fuzz targets, manage corpora, and triage panics or sanitizer crashes.
Measure fuzzing or test coverage, identify untested parser and protocol paths, and translate coverage gaps into better h...
Write targeted fuzz harnesses that isolate parsers, state machines, and security-sensitive APIs without hiding bugs behi...