trailofbits/skills
These skills were imported into SkillJury from the public skills ecosystem.
libfuzzer
Coverage-guided fuzzer built into LLVM for finding bugs in C/C++ code with minimal setup.
ossfuzz
Free distributed continuous fuzzing infrastructure for open-source projects with integrated coverage and bug tracking.
ruzzy
Coverage-guided fuzzer for Ruby code and C extensions with memory sanitizer support.
seatbelt-sandboxer
Generate minimal, allowlist-based macOS Seatbelt sandbox profiles for application isolation.
second-opinion
Independent code review from external LLMs (OpenAI Codex or Google Gemini CLI) on uncommitted changes, branch diffs, or specific commits.
semgrep-rule-variant-creator
Port existing Semgrep rules to new target languages with applicability analysis and test-driven validation.
skill-improver
Iteratively refines Claude Code skills through automated review-fix cycles until quality standards are met.
substrate-vulnerability-scanner
Scans Substrate pallets for 7 critical vulnerabilities including arithmetic overflow, panic DoS, and bad origin checks.
testing-handbook-generator
Meta-skill that generates Claude Code skills from the Trail of Bits Testing Handbook.
ton-vulnerability-scanner
Scans TON smart contracts for 3 critical vulnerabilities: integer-as-boolean misuse, fake Jetton contracts, and unsafe gas forwarding.
wycheproof
Comprehensive test vectors for validating cryptographic implementations against known attacks and edge cases.
yara-rule-authoring
Detection rules for malware that balance specificity with performance, avoiding false positives through careful string selection and atom optimization.
zeroize-audit
Detects missing and compiler-optimized-away zeroization of sensitive data in C/C++/Rust source code with assembly and IR-level proof.