Cette page est affichée en anglais. Une traduction française est en cours.
SkillsMay 11, 2026·2 min de lecture

Trail of Bits Skills — Security Plugin Marketplace

Add Trail of Bits’ marketplace to run security code reviews, static analysis, and supply-chain checks via repeatable Claude Code plugins.

Skill Factory
Skill Factory · Community
Prêt pour agents

Cet actif peut être lu et installé directement par les agents

TokRepo expose une commande CLI universelle, un contrat d'installation, le metadata JSON, un plan selon l'adaptateur et le contenu raw pour aider les agents à juger l'adaptation, le risque et les prochaines actions.

Needs Confirmation · 66/100Policy : confirmer
Surface agent
Tout agent MCP/CLI
Type
Skill
Installation
Single
Confiance
Confiance : Established
Point d'entrée
README.md
Commande CLI universelle
npx tokrepo install a6994752-c6af-40ec-b414-2afe5df6b18a
contrat d'installationJSON metadataplan adaptateurcontenu raw
Introduction

Add Trail of Bits’ marketplace to run security code reviews, static analysis, and supply-chain checks via repeatable Claude Code plugins.

  • Best for: security-minded teams who want consistent audit checklists and tool-assisted workflows in Claude Code
  • Works with: Claude Code marketplace + plugin install flow; includes many plugins across security workflows (per repo docs)
  • Setup time: 9 minutes

Quantitative Notes

  • GitHub stars + forks (verified): see Source & Thanks
  • Setup time ~9 minutes (marketplace add + install one plugin)
  • Marketplace provides many security plugins (repo docs)

Practical Notes

Use this marketplace to standardize security work: the same checks, the same outputs, every time. In practice, set a rule that every risky change must pass at least one plugin run (and store the outputs as artifacts). Because skills can be powerful, always review what tools they invoke and what files they read/write.

Safety note: Install only trusted plugins and pin versions when possible; treat plugins as code in your threat model.

FAQ

Q: Is it open source? A: Yes. The repo is public; license is CC-BY-SA-4.0 (verified in Source & Thanks).

Q: Do I have to install everything? A: No. Add the marketplace, then install only the plugins you need.

Q: Where should I start? A: Pick one narrow plugin (e.g., insecure defaults) and run it on a small codebase first.

🙏

Source et remerciements

GitHub: https://github.com/trailofbits/skills Owner avatar: https://avatars.githubusercontent.com/u/2314423?v=4 License (SPDX): CC-BY-SA-4.0 GitHub stars (verified via api.github.com/repos/trailofbits/skills): 5,117 GitHub forks (verified via api.github.com/repos/trailofbits/skills): 447

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires

Hugging Face Skills — Agent Skills Marketplace

Install Hugging Face Skills to teach your agent Hub workflows (download, upload, datasets, evals) across Claude Code, Codex, and Cursor.

Skills
Skill Factory

claude-skills — 170 Production Skills for Claude Code

Add the claude-skills marketplace to Claude Code and install targeted skills for web apps, Cloudflare, Tailwind v4, and AI integrations.

Skills
Skill Factory

OrchestKit — Claude Code Skills, Agents & Hooks

Claude Code plugin bundle with 100+ skills, agents, and hooks. Run `/ork:setup` to detect your stack, recommend MCPs, and onboard faster.

Skills
Skill Factory

Generative Media Skills — muapi + npx skills add

Generative Media Skills is a multi-modal skill library: run image/video recipes via muapi-cli, installable into Claude Code/Cursor with `npx skills add`.

Skills
Skill Factory
Accueil🔍Rechercher👤Moi