Trail of Bits Security Skills
by Trail of Bits
Trail of Bits -- the security firm that audits Ethereum, Solana, and half the DeFi protocols you've heard of -- open-sourced 40 Claude Code plugins that turn your coding agent into a security researcher. Not generic 'check for SQL injection' advice. These are the same audit workflows their $500/hr consultants use, packaged as skills your AI agent can execute. The collection spans 10 categories: smart contract security (vulnerability scanners for 6 blockchains), code auditing (13 plugins covering differential review, semgrep rule creation, supply chain risk analysis, static analysis with CodeQL), malware analysis (YARA rule authoring with linting), verification (property-based testing, constant-time analysis, spec-to-code compliance), reverse engineering (DWARF debugging format expertise), mobile security (Firebase APK scanning), and development tooling (10 plugins for everything from sandboxing to Git cleanup). The standout plugins are the ones that encode institutional knowledge you can't get from documentation. The differential-review skill doesn't just diff code -- it applies Trail of Bits' mental model for spotting what changed that could introduce a vulnerability. The supply-chain-risk-auditor checks your dependencies against known attack patterns they've seen across hundreds of real audits. The testing-handbook-skills plugin was generated directly from Trail of Bits' internal Application Security Testing Handbook. Installation through Claude Code's plugin marketplace takes one command. You can also clone the repo and register plugins locally for development. Each plugin ships with its own CLAUDE.md that defines the skill's scope, limitations, and expected behavior -- so your agent knows what it can and can't do. Trail of Bits also maintains a separate curated repository (trailofbits/skills-curated) where every skill and marketplace has been vetted for quality and safety. And their companion repo (trailofbits/claude-code-config) provides opinionated defaults for sandboxing, permissions, hooks, and MCP server configuration -- the security-hardened Claude Code setup they actually use internally. The limitation worth knowing: these skills make your agent better at security analysis, but they don't replace a professional audit. Complex vulnerability chains, business logic flaws, and novel attack vectors still require human expertise. The skills are force multipliers for security-conscious developers, not replacements for Trail of Bits' consulting engagements.
Installation
Key Features
- ✓40 plugins across 10 categories: smart contracts, code auditing, malware analysis, verification, reverse engineering, and more
- ✓Smart contract vulnerability scanning for 6 blockchains using Trail of Bits' audit methodology
- ✓13 code auditing plugins: differential review, semgrep rules, supply chain risk, static analysis with CodeQL
- ✓Testing handbook skills generated from Trail of Bits' internal Application Security Testing Handbook
- ✓YARA rule authoring with automated linting for malware detection workflows
- ✓Property-based testing, constant-time analysis, and spec-to-code compliance verification
- ✓Companion curated repo with quality-vetted plugins and security-hardened Claude Code configuration
- ✓Each plugin includes CLAUDE.md defining scope, limitations, and expected behavior
Use Cases
- →Run a security-focused differential code review before merging a PR -- the agent applies Trail of Bits' mental model for spotting vulnerability-introducing changes
- →Audit a Solidity smart contract for known vulnerability patterns across 6 supported blockchains before deployment
- →Generate and lint YARA detection rules for a malware sample your incident response team is investigating
- →Check your project's dependency tree against known supply chain attack patterns from Trail of Bits' audit database
- →Verify that cryptographic code runs in constant time using the constant-time-analysis skill -- critical for preventing timing side-channel attacks