29 published skills

Security Agent Skills

Skills for security review, threat modeling, compliance checks, and secure engineering.

306
Skills
14
Categories
13
Repos
8
Agents

Graph Evolution

trailofbits/skills

Security

Compares Trailmark code graphs at two source code snapshots (git commits, tags, or directories) to surface security-relevant structural changes. Detects new attack paths, complexity shifts, blast radius growth, taint propagation changes, and privilege boundary modifications that text diffs miss. Use when comparing code

Claude CodeClaude
pythonsecuritytestingreview
5,853 starsSource linked

Diagramming Code

trailofbits/skills

Security

Generates Mermaid diagrams from Trailmark code graphs. Produces call graphs, class hierarchies, module dependency maps, containment diagrams, complexity heatmaps, and attack surface data flow visualizations. Use when visualizing code architecture, drawing call graphs, generating class diagrams, creating dependency maps

Claude CodeClaude
pythonsecuritytestingresearch
5,853 starsSource linked

Crypto Protocol Diagram

trailofbits/skills

Security

Extracts protocol message flow from source code, RFCs, academic papers, pseudocode, informal prose, ProVerif (.pv), or Tamarin (.spthy) models and generates Mermaid sequenceDiagrams with cryptographic annotations. Use when diagramming a crypto protocol, visualizing a handshake or key exchange flow, extracting message f

Claude CodeClaude
securityreviewresearchdata
5,853 starsSource linked

Trailmark Structural

trailofbits/skills

Security

Runs full Trailmark structural analysis on Trailmark 0.2.x by building a graph, running `preanalysis()`, and reporting hotspots, taint, blast radius, privilege boundaries, and attack surface. Use when vivisect needs detailed structural data for a target. Triggers: structural analysis, blast radius, taint analysis, comp

Claude CodeClaude
pythonsecurityresearchdata
5,853 starsSource linked

Mermaid To Proverif

trailofbits/skills

Security

Translates Mermaid sequenceDiagrams describing cryptographic protocols into ProVerif formal verification models (.pv files). Use when generating a ProVerif model, formally verifying a protocol, converting a Mermaid diagram to ProVerif, verifying protocol security properties (secrecy, authentication, forward secrecy), c

Claude CodeClaude
securityresearch
5,853 starsSource linked

Trailmark Summary

trailofbits/skills

Security

Runs a Trailmark summary analysis on a codebase. Returns auto-detected languages, entry point count, and dependency list. Use when vivisect or galvanize needs a quick structural overview. Triggers: trailmark summary, code summary, structural overview.

Claude CodeClaude
pythonsecurityresearchdata
5,853 starsSource linked

Variant Analysis

trailofbits/skills

Security

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.

Claude CodeClaude
pythonsecuritytestingreview
5,853 starsSource linked

Yara Rule Authoring

trailofbits/skills

Security

Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules. Covers naming conventions, string selection, performance optimization, migration from legacy YARA, and false positive reduction. Triggers on: YARA, YARA-X, malware detection, threat

Claude CodeClaude
designsecuritytestingreview
5,853 starsSource linked

Ossfuzz

trailofbits/skills

Security

OSS-Fuzz provides free continuous fuzzing for open source projects. Use when setting up continuous fuzzing infrastructure or enrolling projects.

Claude CodeClaude
pythonsecuritytestingresearch
5,853 starsSource linked

Trailmark

trailofbits/skills

Security

Builds and queries multi-language source code graphs for security analysis. Includes pre-analysis passes for blast radius, taint propagation, privilege boundaries, and entry point enumeration. Use when analyzing call paths, mapping attack surface, finding complexity hotspots, enumerating entry points, tracing taint pro

Claude CodeClaude
pythonsecuritytestingreview
5,853 starsSource linked

Skill Improver

trailofbits/skills

Security

Iteratively reviews and fixes Claude Code skill quality issues until they meet standards. Runs automated fix-review cycles using the skill-reviewer agent. Use to fix skill quality issues, improve skill descriptions, run automated skill review loops, or iteratively refine a skill. Triggers on 'fix my skill', 'improve sk

Claude CodeClaude
securityreviewresearch
5,853 starsSource linked

Sarif Parsing

trailofbits/skills

Security

Parses and processes SARIF files from static analysis tools like CodeQL, Semgrep, or other scanners. Triggers on "parse sarif", "read scan results", "aggregate findings", "deduplicate alerts", or "process sarif output". Handles filtering, deduplication, format conversion, and CI/CD integration of SARIF data. Does NOT r

Claude CodeClaude
pythonsecurityresearchdata
5,853 starsSource linked

Semgrep

trailofbits/skills

Security

Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Automatically detects and uses Semgrep Pro for cross-file taint analysis when available. Use when asked to scan code for v

Claude CodeClaude
pythonsecurityreviewresearch
5,853 starsSource linked

Supply Chain Risk Auditor

trailofbits/skills

Security

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.

Claude CodeClaude
securityresearchdatagithub
5,853 starsSource linked

Cargo Fuzz

trailofbits/skills

Security

cargo-fuzz is the de facto fuzzing tool for Rust projects using Cargo. Use for fuzzing Rust code with libFuzzer backend.

Claude CodeClaudeCursor
securityresearchdatagithub
5,853 starsSource linked

Fuzzing Obstacles

trailofbits/skills

Security

Techniques for patching code to overcome fuzzing obstacles. Use when checksums, global state, or other barriers block fuzzer progress.

Claude CodeClaude
securitytestingreviewresearch
5,853 starsSource linked

Testing Handbook Generator

trailofbits/skills

Security

Meta-skill that analyzes the Trail of Bits Testing Handbook (appsec.guide) and generates Claude Code skills for security testing tools and techniques. Use when creating new skills based on handbook content.

Claude CodeClaude
securitytestingresearchgithub
5,853 starsSource linked

Ruzzy

trailofbits/skills

Security

Ruzzy is a coverage-guided Ruby fuzzer by Trail of Bits. Use for fuzzing pure Ruby code and Ruby C extensions.

Claude CodeClaude
securitytestingresearchdata
5,853 starsSource linked

Audit Augmentation

trailofbits/skills

Security

Augments Trailmark code graphs with external audit findings from SARIF static analysis results and weAudit annotation files. Maps findings to graph nodes by file and line overlap, creates severity-based subgraphs, and enables cross-referencing findings with pre-analysis data (blast radius, taint, etc.). Use when projec

Claude CodeClaude
pythonsecurityresearchdata
5,853 starsSource linked

Genotoxic

trailofbits/skills

Security

Graph-informed mutation testing triage. Parses codebases with Trailmark, runs mutation testing and necessist, then uses survived mutants, unnecessary test statements, and call graph data to identify false positives, missing test coverage, and fuzzing targets. Use when triaging survived mutants, analyzing mutation testi

Claude CodeClaude
typescriptpythonsecuritytesting
5,853 starsSource linked

LangGraph Human In The Loop

langchain-ai/langchain-skills

Security

INVOKE THIS SKILL when implementing human-in-the-loop patterns, pausing for approval, or handling errors in LangGraph. Covers interrupt(), Command(resume=...), approval/validation workflows, and the 4-tier error handling strategy.

CodexClaude
typescriptpythonreviewdata
817 starsSource linked

Swarm

langchain-ai/langchain-skills

Security

Dispatches many independent items in parallel: create a table, fan out to subagents, aggregate results. One row = one unit of work.

CodexClaude
typescriptsecurityreviewdata
817 starsSource linked

Deep Agents Memory

langchain-ai/langchain-skills

Security

INVOKE THIS SKILL when your Deep Agent needs memory, persistence, or filesystem access. Covers StateBackend (ephemeral), StoreBackend (persistent), FilesystemMiddleware, and CompositeBackend for routing.

CodexClaude
typescriptpythonsecurity
817 starsSource linked

LangChain Dependencies

langchain-ai/langchain-skills

Security

INVOKE THIS SKILL when setting up a new project or when asked about package versions, installation, or dependency management for LangChain, LangGraph, LangSmith, or Deep Agents. Covers required packages, minimum versions, environment requirements, versioning best practices, and common community tool packages for both P

ClaudeGemini
typescriptpythonsecurity
817 starsSource linked

Security Audit

TerminalSkills/skills

Security

Perform comprehensive security audits on codebases by scanning for OWASP Top 10 vulnerabilities, checking dependencies for known CVEs, detecting leaked secrets and API keys, and generating prioritized fix recommendations. This skill combines static analysis patterns with dependency auditing tools.

CodexClaude CodeClaude
securityauditdataanalysis
72 starsApache-2.0

AI Pentesting

TerminalSkills/skills

Security

Use AI agents to autonomously conduct penetration tests on web applications. Combine LLM reasoning with security tools (nmap, subfinder, nuclei, sqlmap, browser automation) to find and prove vulnerabilities with minimal human intervention.

CodexClaude CodeClaude
pythonsecuritytestingreview
71 starsApache-2.0

Agent Sandbox

TerminalSkills/skills

Security

AI agents execute code, modify files, and run shell commands. Without guardrails, a bad prompt or hallucination can delete your database, overwrite production configs, or exfiltrate secrets. This skill builds safety layers — sandboxed execution, filesystem restrictions, network policies, audit trails, and kill switches

CodexClaude CodeClaude
typescriptsecuritydata
71 starsApache-2.0

Aceternity UI

TerminalSkills/skills

Security

Aceternity UI is a copypaste component library — not an npm package. You copy the component code directly into your project, giving you full ownership and customization power. Components are built with Framer Motion and Tailwind CSS.

CodexClaude CodeClaude
typescriptreactsecurityros
71 starsApache-2.0

AI Guardrails

TerminalSkills/skills

Security

Add safety layers to AI applications — input validation, prompt injection detection, output filtering, content moderation, and policy enforcement. Prevent misuse without breaking legitimate use cases.

CodexClaude CodeClaude
pythonsecurityreviewapi
71 starsApache-2.0

Explore Agent Skills

Browse by agent platform, skill category, or practical SKILL.md implementation guide.

Platforms

Guides