Security & Testing Agent Skills

Clerk Authentication Security Basics

Hardens your application's Clerk authentication implementation using industry security best practices and verified implementation patterns.

Vercel Security & Access Control

Implements industry-standard security best practices for Vercel environment variables, secrets, and project access controls.

Playwright Failure Analyzer

Diagnoses and fixes Playwright E2E test failures by analyzing CI reports, screenshots, and GraphQL network traces.

Wycheproof Crypto Testing

Validates cryptographic implementations against known attack vectors and edge cases using Project Wycheproof test vectors.

Burp Suite Security Testing

Performs professional web application security auditing and HTTP traffic manipulation using Burp Suite's core testing tools.

Fuzzing Obstacle Bypass

Patches System Under Test (SUT) code to bypass checksums, non-determinism, and validation barriers during fuzzing.

Deep Audit Context Builder

Facilitates ultra-granular, line-by-line code analysis to build comprehensive architectural context for security audits.

Constant-Time Analysis

Detects timing side-channel vulnerabilities in cryptographic code to prevent sensitive data leakage through execution timing.

Cargo Fuzz for Rust Security

Facilitates automated fuzz testing and vulnerability detection for Rust projects using the libFuzzer backend and Cargo.

LibAFL Security Fuzzing

Builds and configures custom, modular fuzzers for advanced security research and vulnerability detection.

Security Variant Analysis

Identifies similar vulnerabilities and bugs across codebases using systematic pattern-based analysis and advanced security tool integration.

CodeQL Security Analysis

Performs deep static analysis and vulnerability detection by querying codebases as searchable databases.

Entry Point Analyzer

Identifies and categorizes state-changing entry points in smart contract codebases to streamline security audits and map attack surfaces.

Testing Handbook Generator

Generates specialized Claude Code skills for security testing tools and techniques by analyzing the Trail of Bits Testing Handbook.

Fuzzing Coverage Analysis

Measures and analyzes code coverage during fuzzing campaigns to identify execution blockers and optimize harness effectiveness.

AddressSanitizer (ASan)

Detects memory errors like buffer overflows and use-after-free bugs during C/C++ fuzzing and security audits.

Constant-Time Security Testing

Detects and analyzes timing side-channel vulnerabilities in cryptographic code to prevent secret data leakage.

OSS-Fuzz Integration

Integrates OSS-Fuzz continuous fuzzing infrastructure into open-source projects for automated vulnerability detection and security auditing.

Ruzzy Ruby Fuzzer

Detects vulnerabilities in Ruby applications and C extensions using coverage-guided fuzzing and advanced sanitizer integration.

libFuzzer C/C++ Security Testing

Implements coverage-guided fuzzing for C/C++ projects using the LLVM-integrated libFuzzer toolchain.

Semgrep Static Analysis

Performs high-speed static analysis to identify security vulnerabilities and enforce coding standards across your codebase.

CodeQL Security Analysis

Performs deep static analysis and interprocedural taint tracking to detect complex security vulnerabilities across multi-function code paths.

Code Maturity Assessor

Evaluates codebase security and architectural maturity using the Trail of Bits 9-category framework to generate evidence-based scorecards and improvement roadmaps.

DWARF Debug Format Expert

Provides deep technical expertise for analyzing, parsing, and verifying DWARF debug information in compiled binaries.

Fuzzing Dictionary Generator

Guides fuzzing engines toward deep code paths by providing domain-specific tokens and protocol-specific keywords.

Burp Suite Project Parser

Searches and extracts security data from Burp Suite project files using regex patterns and command-line tools.

AFL++ Security Fuzzer

Automates high-performance multi-core fuzzing for C/C++ projects to detect security vulnerabilities and memory corruption issues.

Fuzzing Harness Writing

Provides expert guidance and implementation patterns for creating effective fuzzing harnesses across multiple programming languages.

Atheris Python Fuzzer

Perform coverage-guided fuzz testing for pure Python code and C extensions to detect security vulnerabilities and memory corruption.

Property-Based Testing

Implements advanced property-based testing patterns to identify edge cases and security vulnerabilities in code and smart contracts.