Trail of Bits Skills Marketplace A Claude Code plugin marketplace from Trail of Bits providing skills to enhance AI-assisted security analysis, testing, and development workflows.
Also see: claude-code-config · skills-curated · claude-code-devcontainer · dropkit
/plugin marketplace add trailofbits/skills
Browse and Install Plugins To add the marketplace locally (e.g., for testing or development), navigate to the parent directory of this repository:
cd /path/to/parent # e.g., if repo is at ~/projects/skills, be in ~/projects
/plugins marketplace add ./skills
Plugin
Description
yara-authoring YARA detection rule authoring with linting, atom analysis, and best practices
Plugin
Description
dwarf-expert Interact with and understand the DWARF debugging format
Plugin
Description
ask-questions-if-underspecified Clarify requirements before implementing
devcontainer-setup Create pre-configured devcontainers with Claude Code and language-specific tooling
gh-cli Intercept GitHub URL fetches and redirect to the authenticated gh CLI
git-cleanup Safely clean up git worktrees and local branches with gated confirmation workflow
modern-python Modern Python tooling and best practices with uv, ruff, and pytest
second-opinion Run code reviews using external LLM CLIs (OpenAI Codex, Google Gemini) on changes, diffs, or commits. Bundles codex-mcp-server.
workflow-skill-design Design patterns for workflow-based Claude Code skills with review agent
Plugin
Description
culture-index Interpret Culture Index survey results for individuals and teams
Bugs discovered using Trail of Bits Skills. Found something? Let us know!
When reporting bugs you've found, feel free to mention:
Found using Trail of Bits Skills
We welcome contributions! Please see CLAUDE.md for skill authoring guidelines.
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License .
Trail of Bits is a security research and consulting firm.