Cargo Fuzz
cargo-fuzz is the de facto fuzzing tool for Rust projects using Cargo. Use for fuzzing Rust code with libFuzzer backend.
Overview
Cargo Fuzz is a SKILL.md-based agent skill sourced from trailofbits/skills. It is categorized under security and is listed for Claude Code, Claude, Cursor. The source description focuses on: cargo-fuzz is the de facto fuzzing tool for Rust projects using Cargo. Use for fuzzing Rust code with libFuzzer backend. AIToolly summarizes this page as a directory entry rather than copying the full third-party skill content, so users can evaluate the source, compatibility, and practical fit before installing it.
Use Cases
Install Notes
# Review source first
open https://github.com/trailofbits/skills/blob/main/plugins/testing-handbook-skills/skills/cargo-fuzz/SKILL.mdCopy or clone the skill folder into your agent skills directory after reviewing its instructions and scripts.
Security Notes
Review the source SKILL.md, referenced scripts, permissions, and external services before installing Cargo Fuzz. Treat third-party skills like code dependencies, especially when they can read files, call APIs, or run commands.
Related Skills
Skill Improver
trailofbits/skills
Iteratively reviews and fixes Claude Code skill quality issues until they meet standards. Runs automated fix-review cycles using the skill-reviewer agent. Use to fix skill quality issues, improve skill descriptions, run automated skill review loops, or iteratively refine a skill. Triggers on 'fix my skill', 'improve sk
Sarif Parsing
trailofbits/skills
Parses and processes SARIF files from static analysis tools like CodeQL, Semgrep, or other scanners. Triggers on "parse sarif", "read scan results", "aggregate findings", "deduplicate alerts", or "process sarif output". Handles filtering, deduplication, format conversion, and CI/CD integration of SARIF data. Does NOT r
Semgrep
trailofbits/skills
Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Automatically detects and uses Semgrep Pro for cross-file taint analysis when available. Use when asked to scan code for v
Supply Chain Risk Auditor
trailofbits/skills
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.
Fuzzing Obstacles
trailofbits/skills
Techniques for patching code to overcome fuzzing obstacles. Use when checksums, global state, or other barriers block fuzzer progress.
Testing Handbook Generator
trailofbits/skills
Meta-skill that analyzes the Trail of Bits Testing Handbook (appsec.guide) and generates Claude Code skills for security testing tools and techniques. Use when creating new skills based on handbook content.