trailofbits
trailofbits / agentic-actions-auditor
Audits GitHub Actions workflows for security vulnerabilities in AI integrations, ensuring CI/CD pipeline safety against prompt injection risks.
trailofbits / audit-context-building
Facilitates detailed, line-by-line code analysis for enhanced architectural understanding before identifying vulnerabilities.
trailofbits / ton-vulnerability-scanner
Scans TON smart contracts for critical vulnerabilities, ensuring secure deployment and compliance in blockchain applications.
trailofbits / devcontainer-setup
Sets up isolated development environments with language-specific tooling using Claude Code for efficient project development.
trailofbits / fp-check
Verifies security bugs to eliminate false positives, providing documented evidence for each finding.
trailofbits / property-based-testing
Guides property-based testing across languages and smart contracts, enhancing test coverage and code validation.
trailofbits / seatbelt-sandboxer
Generates minimal macOS Seatbelt sandbox configurations for isolating applications, enhancing security through allowlist-based profiles.
trailofbits / semgrep-rule-creator
Facilitates the creation of custom Semgrep rules to detect security vulnerabilities and code patterns through a structured approach.
trailofbits / sharp-edges
Evaluates APIs and configurations for security vulnerabilities, ensuring developers follow secure design principles to prevent misuse.
trailofbits / spec-to-code-compliance
Verifies blockchain code compliance with documentation, ensuring alignment with specifications and identifying gaps in implementation.
trailofbits / codeql
Analyzes codebases for security vulnerabilities using CodeQL's advanced data flow and taint tracking techniques.
trailofbits / semgrep
Conducts static analysis scans on codebases using Semgrep to identify vulnerabilities and bugs efficiently.
trailofbits / supply-chain-risk-auditor
Evaluates project dependencies to identify risks of exploitation or takeover, enhancing supply chain security assessments.
trailofbits / secure-workflow-guide
Enhances smart contract security with a structured 5-step workflow, including automated scans and manual reviews.
trailofbits / solana-vulnerability-scanner
Scans Solana programs for critical vulnerabilities, ensuring security in cross-program invocations and account validations.
trailofbits / substrate-vulnerability-scanner
Scans Substrate/Polkadot pallets for critical vulnerabilities, ensuring secure and robust blockchain runtime modules.
trailofbits / token-integration-analyzer
Analyzes token implementations for ERC20/ERC721 conformity and identifies security risks using a comprehensive checklist.
trailofbits / modern-python
Configures Python projects with modern tooling for efficient development, dependency management, and migration from legacy systems.
trailofbits / sarif-parsing
Processes SARIF files from static analysis tools, enabling effective reading, deduplication, and CI/CD integration of scan results.
trailofbits / gh-cli
Enforces authenticated GitHub CLI workflows for secure API access, enhancing interactions with repositories, pull requests, and issues.