Skills
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
Install with one command
$ npx skills add trailofbits/skills
# Trail of Bits Skills Marketplace
A Claude Code plugin marketplace from Trail of Bits providing skills to enhance AI-assisted security analysis, testing, and development workflows.
> Also see: [claude-code-config](https://github.com/trailofbits/claude-code-config) · [skills-curated](https://github.com/trailofbits/skills-curated) · [claude-code-devcontainer](https://github.com/trailofbits/claude-code-devcontainer) · [dropkit](https://github.com/trailofbits/dropkit)
## Installation
### Add the Marketplace
```
/plugin marketplace add trailofbits/skills
```
### Browse and Install Plugins
```
/plugin menu
```
### Local Development
To add the marketplace locally (e.g., for testing or development), navigate to the **parent directory** of this repository:
```
cd /path/to/parent  # e.g., if repo is at ~/projects/skills, be in ~/projects
/plugins marketplace add ./skills
```
## Available Plugins
### Smart Contract Security
| Plugin | Description |
|--------|-------------|
| [building-secure-contracts](plugins/building-secure-contracts/) | Smart contract security toolkit with vulnerability scanners for 6 blockchains |
| [entry-point-analyzer](plugins/entry-point-analyzer/) | Identify state-changing entry points in smart contracts for security auditing |
### Code Auditing
| Plugin | Description |
|--------|-------------|
| [agentic-actions-auditor](plugins/agentic-actions-auditor/) | Audit GitHub Actions workflows for AI agent security vulnerabilities |
| [audit-context-building](plugins/audit-context-building/) | Build deep architectural context through ultra-granular code analysis |
| [burpsuite-project-parser](plugins/burpsuite-project-parser/) | Search and extract data from Burp Suite project files |
| [differential-review](plugins/differential-review/) | Security-focused differential review of code changes with git history analysis |
| [insecure-defaults](plugins/insecure-defaults/) | Detect insecure default configurations, hardcoded credentials, and fail-o
Technical Details
- Version: 1.0.0
- License: Unknown
- Last Updated: 3/2/2026
- Published: 3/2/2026
Author
trailofbits✓
@trailofbits
Trust & Safety
- Open source (public GitHub repo)
- AI static analysis passed
- License: Unknown
- Manually verified by team