security

the sleeper category. Trail of Bits alone makes this one of the strongest skill domains. see company-skills for Trail of Bits' full profile.

related: development · company skills · frameworks · tooling

Trail of Bits (trailofbits/skills)

40+ professional security skills from one of the top security auditing firms. if you do any security work, these are the highest-quality skills available.

analysis & detection

  • static-analysis — CodeQL + Semgrep integration
  • variant-analysis — find variants of known vulnerabilities
  • insecure-defaults — detect insecure default configurations
  • sharp-edges — identify API misuse patterns
  • constant-time-analysis — verify constant-time implementations
  • differential-review — security-focused diff review

smart contracts & blockchain

  • building-secure-contracts — secure smart contract development
  • audit-context-building — build context for security audits

supply chain & compliance

  • supply-chain-risk-auditor — audit dependency supply chain
  • spec-to-code-compliance — verify code matches specification
  • zeroize-audit — verify sensitive data is properly zeroed

testing

  • mutation-testing — test suite quality via mutation analysis
  • property-based-testing — generate property-based tests

detection & hunting

  • semgrep-rule-creator — create custom Semgrep rules
  • yara-authoring — write YARA rules for malware detection
  • firebase-apk-scanner — scan Android APKs for Firebase misconfigurations

also in tooling: trailofbits/skills-curated (348 stars) — their vetted plugin marketplace.

community security skills

forensics (from claude-skills-marketplace)

  • computer-forensics — digital forensics analysis
  • file-deletion — secure file deletion and sanitization
  • metadata-extraction — file metadata extraction for forensic purposes