搜索结果
全部能力
找到 146 个相关结果 / 搜索与检索
安全与治理 / 审核评估
domain-authority-auditor
domain-authority-auditor
Use when auditing domain authority, trust, citations, or 域名权威/网站可信度. Runs 40-item CITE scoring with veto checks.
安全与治理 / 审核评估
fp-check
fp-check
Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence for…
安全与治理 / 审核评估
sharp-edges
sharp-edges
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration…
安全与治理 / 审核评估
audit-context-building
audit-context-building
Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
安全与治理 / 审核评估
x-api
x-api
X/Twitter API 集成,用于发布推文、推文串、读取时间线、搜索和数据分析。涵盖 OAuth 认证模式、速率限制以及平台原生……
安全与治理 / 审核评估
property-based-testing
property-based-testing
Provides guidance for property-based testing across multiple languages and smart contracts. Use when writing tests, reviewing code with…
安全与治理 / 审核评估
双重检查
doublecheck
用于AI输出的三层验证管道。提取可验证的声明,通过网络搜索查找支持或反驳的来源,并运行对抗性审查…
安全与治理 / 审核评估
gh-cli
gh-cli
Enforces authenticated gh CLI workflows over unauthenticated curl/WebFetch patterns. Use when working with GitHub URLs, API access, pull requests, or issues.
安全与治理 / 审核评估
solana-vulnerability-scanner
solana-vulnerability-scanner
Scans Solana programs for 6 critical vulnerabilities including arbitrary CPI, improper PDA validation, missing signer/ownership checks, and sysvar spoofing.…
安全与治理 / 审核评估
entry-point-analyzer
entry-point-analyzer
Analyzes smart contract codebases to identify state-changing entry points for security auditing. Detects externally callable functions that modify state,…
安全与治理 / 审核评估
semgrep-rule-creator
semgrep-rule-creator
Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static…
安全与治理 / 审核评估
audit-prep-assistant
audit-prep-assistant
Prepares codebases for security review using Trail of Bits' checklist. Helps set review goals, runs static analysis tools, increases test coverage, removes…
安全与治理 / 审核评估
fuzzing-obstacles
fuzzing-obstacles
Techniques for patching code to overcome fuzzing obstacles. Use when checksums, global state, or other barriers block fuzzer progress.
安全与治理 / 审核评估
coverage-analysis
coverage-analysis
Coverage analysis measures code exercised during fuzzing. Use when assessing harness effectiveness or identifying fuzzing blockers.
安全与治理 / 审核评估
firebase-apk-scanner
firebase-apk-scanner
Scans Android APKs for Firebase security misconfigurations including open databases, storage buckets, authentication issues, and exposed cloud functions. Use…
安全与治理 / 审核评估
Search and retrieve content from Reddit. Get posts, comments, subreddit info, and user profiles via the public JSON API. Use when user mentions Reddit, a…
安全与治理 / 审核评估
constant-time-analysis
constant-time-analysis
Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets,…
安全与治理 / 审核评估
fuzzing-dictionary
fuzzing-dictionary
Fuzzing dictionaries guide fuzzers with domain-specific tokens. Use when fuzzing parsers, protocols, or format-specific code.
安全与治理 / 审核评估
semgrep-rule-variant-creator
semgrep-rule-variant-creator
Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target languages. Takes an existing rule and target languages…
安全与治理 / 审核评估
cosmos-vulnerability-scanner
cosmos-vulnerability-scanner
Scans Cosmos SDK blockchain modules and CosmWasm contracts for consensus-critical vulnerabilities — chain halts, fund loss, state divergence. 25 core + 16 IBC…