Coverage Analysis
Skill ActiveCoverage analysis measures code exercised during fuzzing. Use when assessing harness effectiveness or identifying fuzzing blockers.
To enable users to effectively measure and improve the code coverage achieved by their fuzzing efforts, leading to more robust and comprehensive security testing.
Features
- Coverage instrumentation for C/C++ (LLVM/GCC) and Rust
- Step-by-step guide for corpus execution and profile data generation
- Detailed instructions for generating text and HTML coverage reports
- Analysis guidance for identifying uncovered code, magic values, and regressions
- Troubleshooting for common coverage analysis issues
Use Cases
- Establishing a baseline coverage for a new fuzzing campaign
- Assessing the effectiveness of harness modifications
- Investigating coverage plateaus during fuzzing
- Identifying code paths missed by fuzzers
Non-Goals
- Performing the fuzzing itself
- Writing fuzz harnesses
- Analyzing non-coverage related security vulnerabilities
- Providing real-time fuzzer statistics
Trust
- warning:Issues AttentionIn the last 90 days, 13 issues were opened and 4 were closed, indicating a low closure rate (24%) and potentially slow maintainer response.
Installation
First, add the marketplace
/plugin marketplace add trailofbits/skills/plugin install testing-handbook-skills@trailofbitsQuality Score
Trust Signals
Similar Extensions
Semgrep Rule Creator
100Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.
Safe Mode
100Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.
Fixflow
100Execute coding tasks with a strict delivery workflow: build a full plan, implement one step at a time, run tests continuously, and commit by default after each step (`per_step`). Support explicit commit policy overrides (`final_only`, `milestone`) and optional BDD (Given/When/Then) when users ask for behavior-driven delivery or requirements are unclear.
Definition Of Done
100Mandatory checks to run before completing any task that touches md files or dart code in this repository.
Ship Gate
100Pre-production audit that scans a codebase for security, database, deployment, code quality, AI/LLM, dependency, frontend, and observability issues. Intercepts deploy commands and blocks until critical items pass. Stack-agnostic. Use for "run ship gate", "am I ready to ship", "pre-launch audit", "can I deploy", "push to production", "go live checklist", "preflight check". Not for CI/CD setup or infra provisioning.
Senior Backend Engineer
100Designs and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database migrations", or "load test APIs". Covers Node.js/Express/Fastify development, PostgreSQL optimization, API security, and backend architecture patterns.