Cargo Fuzz
技能 活跃cargo-fuzz is the de facto fuzzing tool for Rust projects using Cargo. Use for fuzzing Rust code with libFuzzer backend.
To enable developers to efficiently fuzz Rust codebases using Cargo, identify bugs and security vulnerabilities, and improve code robustness.
功能
- Setup and installation of cargo-fuzz
- Writing fuzzing harnesses
- Running fuzzing campaigns
- Integrating with sanitizers (ASan)
- Coverage analysis
使用场景
- When developing new Rust projects and wanting to ensure code quality and security from the start.
- When identifying bugs or security vulnerabilities in existing Rust code.
- When needing to fuzz complex Rust libraries or applications that use Cargo.
非目标
- Fuzzing non-Rust projects or projects not using Cargo.
- Providing a backend other than libFuzzer.
- Replacing dedicated fuzzing platforms for extremely large-scale or complex distributed fuzzing campaigns (though it can be run in parallel).
Trust
- warning:Issues Attention13 issues opened and 4 closed in the last 90 days indicates a closure rate below 50% and a significant number of open issues.
Documentation
- info:READMEA README file exists and provides installation instructions and an overview of available plugins, but does not specifically detail the cargo-fuzz skill's functionality.
安装
请先添加 Marketplace
/plugin marketplace add trailofbits/skills/plugin install testing-handbook-skills@trailofbits质量评分
类似扩展
Senior Backend Engineer
100Designs and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database migrations", or "load test APIs". Covers Node.js/Express/Fastify development, PostgreSQL optimization, API security, and backend architecture patterns.
Lean Ctx
100AI 代理的上下文运行时 — 包含 59 个 MCP 工具、10 种读取模式、95+ 种 shell 模式、支持 18 种语言的 tree-sitter AST。将 LLM 上下文压缩高达 99%。用于读取文件、运行 shell 命令、搜索代码或探索目录。如果不存在,则自动安装。
Cleanup Cycles
100Detect and untangle circular dependencies. Runs madge/skott (TS), pycycle (Py), or compiler-only checks (Go/Rust). Auto-fixes leaf-extractable cycles; reports core cycles for human review. Use when the user asks to find circular imports, fix dependency cycles, or untangle module graph. Example queries — "find circular imports", "fix dependency cycles", "untangle our module graph", "why is madge complaining".
Running Tend
100Worktrunk 专用指南,用于 tend CI 工作流。在通用 tend-* 技能之上添加了 Codecov 轮询、Rust 测试命令、标签和审查标准。在 CI 环境中运行时使用。
Secrets Management
100Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.
Semgrep Rule Creator
100Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.