{"$schema":"https://top-agent-skills.com/schemas/skill.v1.json","name":"trail-of-bits","slug":"trail-of-bits","canonical":"https://top-agent-skills.com/skill/trail-of-bits","description":"CodeQL + Semgrep static analysis, vulnerability detection, audit workflows from a top-tier security firm.","tagline":"Security audits run by a real security firm. CodeQL + Semgrep + audit workflows.","bestFor":"Pre-release vulnerability scans, ongoing security review.","notIdealFor":null,"publisher":{"name":"Trail of Bits","url":"https://github.com/trailofbits/skills","tier":"verified-org"},"license":"Apache-2.0","isOpenSource":true,"surfaces":["claude-code"],"compatibility":["claude-code","cursor","codex"],"capabilityLevel":"read-only","setup":{"time":"3 min","complexity":"Medium"},"install":[{"agent":"claude-code","command":"npx skills add trailofbits/skills","manual":null,"followUp":null},{"agent":"cursor","command":"npx skills add trailofbits/skills --target cursor","manual":null,"followUp":null},{"agent":"codex","command":"codex skills add trailofbits/skills/skills/trail-of-bits","manual":null,"followUp":null}],"taxonomy":{"primaryCategories":["security-auditing","code-quality-review"],"verticalCategories":["security","engineering"],"tags":["CodeQL","Semgrep","Audit"],"filters":["verified-org","open-source","one-command-install","read-only","bundles-scripts","agent-friendly","works-with-claude-code","works-with-cursor"]},"links":{"github":"https://github.com/trailofbits/skills","docs":null,"website":null},"_meta":{"score":{"value":53,"rubric":"1.0","inputs":{"installCount":0,"provenance":12.8,"githubStars":0,"recency":8.5,"compatibility":6,"documentation":6.5,"installErgonomics":10,"license":5,"verification":4.3}},"stats":{"installCount":null,"githubStars":null,"lastUpdated":"2026-04-22","verifiedAt":"2026-04-29"}}}