此内容尚未提供您的语言版本,正在以英文显示。

C Review

插件活跃

Comprehensive C/C++ security code review with specialized bug-finding agents covering memory safety, type safety, concurrency, and Linux/Windows userspace-specific issues

1 个 Skill 0 个 MCP

目的

To provide developers with a specialized and thorough security code review for native C/C++ projects, identifying critical vulnerabilities before deployment.

功能

Specialized bug-finding agents for C/C++
Multi-stage review process (inventory, analysis, dedup, FP/severity)
Support for Linux and Windows userspace code
Detailed reporting in Markdown and SARIF formats
Configurable threat model and severity filtering

使用场景

Auditing native C/C++ applications for security flaws
Reviewing daemons and services for memory safety
Hunting for integer overflows, use-after-free, and race conditions
Ensuring platform-specific security in Linux/Windows userspace code

非目标

Reviewing kernel drivers or modules
Analyzing managed languages like Java, C#, Python, Go, or Rust
Operating on embedded/bare-metal code without libc
Providing real-time code completion or editing assistance

Trust

warning:Issues Attention13 issues opened and 4 closed in the last 90 days, indicating a low closure rate and potentially slow maintainer response.

安装

请先添加 Marketplace

/plugin marketplace add trailofbits/skills

/plugin install c-review@trailofbits

包含 1 个扩展

Skill (1)

C Review 技能

Performs comprehensive C/C++ security review for memory corruption, integer overflows, race conditions, and platform-specific vulnerabilities. Use when auditing native C/C++ applications, reviewing daemons or services for memory safety, or hunting integer overflow / use-after-free / race conditions in userspace code.

质量评分

75 /100

1 day ago 分析

信任信号

最近提交3 days ago

GitHub 所有者 trailofbits

星标5.2k

许可证CC-BY-SA-4.0

状态

查看源代码

类似扩展

Arm Cortex Microcontrollers

100

ARM Cortex-M firmware development for Teensy, STM32, nRF52, and SAMD with peripheral drivers and memory safety patterns

插件

wshobson

Review Agent Governance

Require a human approval signal before an AI agent can post PR reviews, comments, merges, or writes to CI config. Cedar-gated, receipt-signed, designed for the Hermes-style failure mode where a review bot posts without oversight.

插件

wshobson

Performance Testing Review

Performance analysis, test coverage review, and AI-powered code quality assessment

插件

wshobson

Comprehensive Review

Multi-perspective code analysis covering architecture, security, and best practices

插件

wshobson

Skill Improver

Automatically reviews and fixes Claude Code skills through iterative refinement until they meet quality standards. Requires plugin-dev plugin.

插件

trailofbits

Everything Claude Code

Battle-tested Claude Code plugin for engineering teams — 60 agents, 228 skills, 75 legacy command shims, production-ready hooks, and selective install workflows evolved through continuous real-world use

插件

affaan-m