Variant Analysis
Skill ActiveFind similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.
To systematically find variants of known vulnerabilities and bugs across codebases, aiding security audits and query development.
Features
- Pattern-based analysis for vulnerability variants
- Iterative generalization process
- Guidance on false positive management
- Tool selection for different analysis needs
- Methodology for root cause analysis
Use Cases
- Hunting bug variants after finding an initial issue
- Building or refining security query patterns (CodeQL/Semgrep)
- Performing systematic code audits
- Analyzing security vulnerabilities
Non-Goals
- Initial vulnerability discovery without a known pattern
- General code review without a specific pattern
- Writing fix recommendations
- Deep comprehension of unfamiliar code without prior analysis
Trust
- warning:Issues AttentionIn the last 90 days, 13 issues were opened and 4 were closed, indicating a closure rate below 50% and potentially slow maintainer response.
Installation
First, add the marketplace
/plugin marketplace add trailofbits/skills/plugin install variant-analysis@trailofbitsQuality Score
Trust Signals
Similar Extensions
Semgrep Rule Creator
100Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.
CodeQL Static Analysis
99Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. Triggers on "run codeql", "codeql scan", "codeql analysis", "build codeql database", or "find vulnerabilities with codeql". Supports "run all" (security-and-quality + security-experimental suites) and "important only" (high-precision security findings) scan modes. Also handles creating data extension models and processing CodeQL SARIF output.
Semgrep
75Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Automatically detects and uses Semgrep Pro for cross-file taint analysis when available. Use when asked to scan code for vulnerabilities, run a security audit with Semgrep, find bugs, or perform static analysis. Spawns parallel workers for multi-language codebases.
Janitor Usage
100Show which skills you use and which you never use
Secrets Management
100Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
Safe Mode
100Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.