trail-of-bits-security
Professional security-audit skills from Trail of Bits: static analysis with CodeQL/Semgrep, variant analysis, and code auditing.
Security · ADVANCED · by Trail of Bits
Claude Code · security · audit · static-analysis
Key Information
Install / Load
git clone https://github.com/trailofbits/skills
How This Skill Works
A collection of security skills from Trail of Bits, a leading security firm. The skills encode professional audit workflows: static analysis with CodeQL and Semgrep, variant analysis (finding all instances of a bug class), and structured code auditing.
Use these to run serious, methodical security review. Install from the source repo into your skills directory.
Source
Maintained by Trail of Bits. Install and updates come from the official repository.
Related Skills
security-auditor
Audits code and configuration for vulnerabilities: injection, broken auth, secrets, dependency risks, and insecure defaults. Reports severity-ranked findings with fixes.
ffuf-web-fuzzing
Authorized web fuzzing guidance with ffuf — content discovery and parameter fuzzing for security testing. Community skill.