Audit Context Building
Skill AktivEnables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
To enable AI agents to build ultra-granular, bottom-up architectural context for codebases, ensuring a stable and accurate understanding before proceeding to analysis or auditing phases.
Funktionen
- Line-by-line code analysis
- Application of First Principles, 5 Whys, 5 Hows at micro-scale
- Building and maintaining a persistent global mental model
- Explicitly documenting invariants, assumptions, and risks
- Structured analysis format for functions and system flows
Anwendungsfälle
- When deep comprehension is needed before bug or vulnerability discovery
- For bottom-up understanding instead of high-level guessing
- Reducing hallucinations, contradictions, and context loss in audits
- Preparing for security auditing, architecture review, or threat modeling
Nicht-Ziele
- Identifying vulnerabilities
- Proposing fixes
- Generating exploit reasoning
- Assigning severity or impact ratings
Workflow
- Perform initial orientation and minimal mapping of modules, entrypoints, actors, and storage.
- Conduct ultra-granular analysis of each non-trivial function, including purpose, inputs, outputs, and block-by-block breakdown.
- Analyze cross-function and external calls as continuous execution flows, treating external calls without available code as adversarial.
- Reconstruct global system understanding by mapping state, invariants, workflows, trust boundaries, and complexity clusters.
- Apply stability and consistency rules, anchoring key facts and updating the model when contradicted.
Trust
- warning:Issues Attention13 issues opened and 4 closed in the last 90 days suggests a low closure rate, indicating potential delays in maintainer response.
Installation
Zuerst Marketplace hinzufügen
/plugin marketplace add trailofbits/skills/plugin install audit-context-building@trailofbitsQualitätspunktzahl
Vertrauenssignale
Ähnliche Erweiterungen
Pathfinder
100Ordnet eine Codebasis in Feature-gruppierte Flussdiagramme ein, identifiziert doppelte Belange über Features hinweg und schlägt eine einheitliche Architektur vor. Wird verwendet, wenn nach "dem idealen Pfad" gefragt wird, duplizierte Systeme vereinheitlicht oder die Architektur vor einem Refactoring auditiert werden soll. Gibt ein vorgeschlagenes einheitliches Flussdiagramm sowie Prompts zum Erstellen eines Plans pro System aus.
Understand
100Analysieren Sie eine Codebasis, um einen interaktiven Wissensgraphen zur Verständnis von Architektur, Komponenten und Beziehungen zu erstellen
Assess Form
99Evaluate a system's current structural form, identify transformation pressure, and classify transformation readiness. Covers structural inventory, pressure mapping, rigidity assessment, change capacity estimation, and readiness classification for architectural metamorphosis. Use before any significant architectural change to understand the starting point, when a system feels stuck without clear reasons, when external pressure from growth or tech debt is mounting, or as periodic health checks for long-lived systems.
V3 Ddd Architecture
100Domain-Driven Design architecture for claude-flow v3. Implements modular, bounded context architecture with clean separation of concerns and microkernel pattern.
Cloud Architect
100Designs cloud architectures, creates migration plans, generates cost optimization recommendations, and produces disaster recovery strategies across AWS, Azure, and GCP. Use when designing cloud architectures, planning migrations, or optimizing multi-cloud deployments. Invoke for Well-Architected Framework, cost optimization, disaster recovery, landing zones, security architecture, serverless design.
API Design Patterns
100Comprehensive API design patterns covering REST, GraphQL, gRPC, versioning, authentication, and modern API best practices