Audit Context Building
技能 活跃Enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability or bug finding.
To enable AI agents to build ultra-granular, bottom-up architectural context for codebases, ensuring a stable and accurate understanding before proceeding to analysis or auditing phases.
功能
- Line-by-line code analysis
- Application of First Principles, 5 Whys, 5 Hows at micro-scale
- Building and maintaining a persistent global mental model
- Explicitly documenting invariants, assumptions, and risks
- Structured analysis format for functions and system flows
使用场景
- When deep comprehension is needed before bug or vulnerability discovery
- For bottom-up understanding instead of high-level guessing
- Reducing hallucinations, contradictions, and context loss in audits
- Preparing for security auditing, architecture review, or threat modeling
非目标
- Identifying vulnerabilities
- Proposing fixes
- Generating exploit reasoning
- Assigning severity or impact ratings
工作流
- Perform initial orientation and minimal mapping of modules, entrypoints, actors, and storage.
- Conduct ultra-granular analysis of each non-trivial function, including purpose, inputs, outputs, and block-by-block breakdown.
- Analyze cross-function and external calls as continuous execution flows, treating external calls without available code as adversarial.
- Reconstruct global system understanding by mapping state, invariants, workflows, trust boundaries, and complexity clusters.
- Apply stability and consistency rules, anchoring key facts and updating the model when contradicted.
Trust
- warning:Issues Attention13 issues opened and 4 closed in the last 90 days suggests a low closure rate, indicating potential delays in maintainer response.
安装
请先添加 Marketplace
/plugin marketplace add trailofbits/skills/plugin install audit-context-building@trailofbits质量评分
类似扩展
Pathfinder
100将代码库映射为按功能分组的流程图,识别不同功能之间的重复关注点,并提出统一的架构。在被要求“寻找理想路径”、统一重复系统或在重构前审计架构时使用。输出一个建议的统一流程图以及针对每个系统的“制定计划”提示。
Understand
100分析代码库以生成交互式知识图谱,用于理解架构、组件和关系
Assess Form
99Evaluate a system's current structural form, identify transformation pressure, and classify transformation readiness. Covers structural inventory, pressure mapping, rigidity assessment, change capacity estimation, and readiness classification for architectural metamorphosis. Use before any significant architectural change to understand the starting point, when a system feels stuck without clear reasons, when external pressure from growth or tech debt is mounting, or as periodic health checks for long-lived systems.
V3 Ddd Architecture
100Domain-Driven Design architecture for claude-flow v3. Implements modular, bounded context architecture with clean separation of concerns and microkernel pattern.
Cloud Architect
100Designs cloud architectures, creates migration plans, generates cost optimization recommendations, and produces disaster recovery strategies across AWS, Azure, and GCP. Use when designing cloud architectures, planning migrations, or optimizing multi-cloud deployments. Invoke for Well-Architected Framework, cost optimization, disaster recovery, landing zones, security architecture, serverless design.
API Design Patterns
100Comprehensive API design patterns covering REST, GraphQL, gRPC, versioning, authentication, and modern API best practices