Wycheproof
Skill ActiveWycheproof provides test vectors for validating cryptographic implementations. Use when testing crypto code for known attacks and edge cases.
To equip developers and security auditors with a robust set of test vectors to ensure the correctness and security of cryptographic implementations.
Features
- Provides test vectors for numerous cryptographic algorithms
- Details on test file structure and attributes
- Implementation guides for various languages (Python, JavaScript)
- Guidance on CI integration and updating test vectors
- Explanations of common cryptographic vulnerabilities
Use Cases
- Validating AES-GCM, ECDSA, ECDH, RSA, and other cryptographic implementations
- Testing crypto code for known attacks and edge cases
- Setting up CI/CD pipelines for cryptographic libraries
- Auditing third-party cryptographic code for correctness
Non-Goals
- Finding new, unknown bugs (use fuzzing instead)
- Testing for timing side-channels (use constant-time testing tools)
- Testing custom or experimental cryptographic algorithms
Workflow
- Setup: Add Wycheproof as submodule or fetch test vectors
- Parse Test Vectors: Load JSON file and filter by parameters
- Write Harness: Test valid and invalid cases
- CI Integration: Auto-update test vectors
Trust
- warning:Issues AttentionIn the last 90 days, 13 issues were opened and 4 were closed, indicating maintainers respond slowly to open issues.
Installation
First, add the marketplace
/plugin marketplace add trailofbits/skills/plugin install testing-handbook-skills@trailofbitsQuality Score
Trust Signals
Similar Extensions
Context Mode Ops
100Manage context-mode GitHub issues, PRs, releases, and marketing with parallel subagent army. Orchestrates 10-20 dynamic agents per task. Use when triaging issues, reviewing PRs, releasing versions, writing LinkedIn posts, announcing releases, fixing bugs, merging contributions, validating ENV vars, testing adapters, or syncing branches.
Senior Backend Engineer
100Designs and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database migrations", or "load test APIs". Covers Node.js/Express/Fastify development, PostgreSQL optimization, API security, and backend architecture patterns.
Openclaw Testing
100Choose, run, rerun, or debug OpenClaw tests, CI checks, Docker E2E lanes, release validation, and the cheapest safe verification path.
Crabbox
100Use Crabbox for OpenClaw remote validation across Linux, macOS, Windows, and WSL2. Default to Blacksmith Testbox for broad Linux proof; includes direct Blacksmith and owned AWS/Hetzner fallback notes when Crabbox fails.
Plugin Test Runner
100Runs automated tests to validate plugin integrity across 14 categories. Use before creating PRs, after making changes to skills or templates, or to verify plugin health.
Perform Csv Assessment
99Perform a Computer Systems Validation (CSV) assessment following GAMP 5 methodology. Covers user requirements, risk assessment, IQ/OQ/PQ planning, traceability matrix creation, and validation summary reporting. Use when a new computerized system is being introduced in a GxP environment, when an existing validated system is undergoing significant change, when periodic revalidation is required, or when a regulatory inspection demands a validation gap analysis.