Skip to main content

secure-workflow-guide

secure-workflow-guide

Catalogue généré le 2026-05-11

En une phrase

Guides through Trail of Bits' 5-step secure development workflow.

Quand l'utiliser

  • Voir la description ci-dessus et la section « Pour aller plus loin ».

Comment l'invoquer

  • Slash command : /secure-workflow-guide (si exposé dans ton CLI)
  • Phrases déclencheurs : voir la description complète ci-dessous
  • Auto-invocation : sur demande explicite

Description complète

Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas.

Pour aller plus loin

Secure Workflow Guide

Purpose

Guides through Trail of Bits' secure development workflow - a 5-step process to enhance smart contract security throughout development.

Use this: On every check-in, before deployment, or when you want a security review


The 5-Step Workflow

Covers a security workflow including:

Step 1: Check for Known Security Issues

Run Slither with 70+ built-in detectors to find common vulnerabilities:

  • Parse findings by severity
  • Explain each issue with file references
  • Recommend fixes
  • Help triage false positives

Goal: Clean Slither report or documented triages

Step 2: Check Special Features

Detect and validate applicable features:

  • Upgradeability: slither-check-upgradeability (17 upgrade risks)
  • ERC conformance: slither-check-erc (6 common specs)
  • Token integration: Recommend token-integration-analyzer skill
  • Security properties: slither-prop for ERC20

(extrait — voir le SKILL.md complet pour la suite)

Source

  • Plugin : trailofbits/building-secure-contracts
  • Nom interne : secure-workflow-guide
  • Fichier : /home/thymon/.claude/plugins/cache/trailofbits/building-secure-contracts/1.0.1/skills/secure-workflow-guide/SKILL.md