Genotoxic
Graph-informed mutation testing triage. Parses codebases with Trailmark, runs mutation testing and necessist, then uses survived mutants, unnecessary test statements, and call graph data to identify false positives, missing test coverage, and fuzzing targets. Use when triaging survived mutants, analyzing mutation testing results, identifying test gaps, finding fuzzing targets from weak tests, running mutation frameworks (including circomvent and cairo-mutants), or using necessist.
To provide developers and security analysts with a systematic way to triage and prioritize issues found through mutation testing and test analysis, leading to more robust and secure code.
Features
- Graph-informed mutation testing triage
- Analysis of survived mutants and test statement removals
- Identification of false positives, missing tests, and fuzzing targets
- Support for multiple mutation frameworks and languages
- Integration with code graph analysis for context
Use cases
- Triaging survived mutants after mutation testing
- Analyzing mutation testing results to find test gaps
- Identifying functions that need fuzz harnesses instead of unit tests
- Prioritizing test improvements using data flow context
- Filtering harmless mutants and finding unnecessary test statements
Non-goals
- Replacing the need to write initial tests
- Performing pure documentation or configuration changes
- Analyzing single-file scripts with trivial logic
- Falling back to manual analysis when tooling is not installed
Workflow
- Build code graph with trailmark
- Run mutation testing framework
- Run necessist (optional, parallel)
- Triage findings using graph data
- Generate categorized report
Practices
- Mutation testing
- Test analysis
- Code quality
- Security analysis
Prerequisites
- trailmark installed
- A mutation testing framework for the target language
- necessist (optional, recommended)
- An existing test suite that passes
- macOS environment: Run 'ulimit -n 1024' before any 'mull-runner' invocation
Trust
- Warning (issues need attention): In the last 90 days, 13 issues were opened and 4 were closed, indicating a slow response rate to open issues.
Installation
First add the marketplace
/plugin marketplace add trailofbits/skills
/plugin install trailmark@trailofbits
Similar extensions
Cleanup Cycles
100: Detect and untangle circular dependencies. Runs madge/skott (TS), pycycle (Py), or compiler-only checks (Go/Rust). Auto-fixes leaf-extractable cycles; reports core cycles for human review. Use when the user asks to find circular imports, fix dependency cycles, or untangle module graph. Example queries — "find circular imports", "fix dependency cycles", "untangle our module graph", "why is madge complaining".
Lean Ctx
100: Context runtime for AI agents: 59 MCP tools, 10 read modes, more than 95 shell patterns, Tree-sitter AST for 18 languages. Compresses LLM context by up to 99%. Use it when reading files, running shell commands, searching code, or exploring directories. Installs automatically if not present.
Semgrep Rule Creator
100: Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.
Safe Mode
100: Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.
Fixflow
100: Execute coding tasks with a strict delivery workflow: create a complete plan, implement step by step, run tests continuously, and commit after every step by default (`per_step`). Supports explicit commit-policy overrides (`final_only`, `milestone`) and optional BDD (Given/When/Then) when users request behavior-driven delivery or requirements are unclear.
Definition Of Done
100: Mandatory checks to run before completing any task that touches md files or dart code in this repository.