secure-workflow-guide
secure-workflow-guide
Catalogue généré le 2026-05-11
En une phrase
Guides through Trail of Bits' 5-step secure development workflow.
Quand l'utiliser
- Voir la description ci-dessus et la section « Pour aller plus loin ».
Comment l'invoquer
- Slash command :
/secure-workflow-guide(si exposé dans ton CLI) - Phrases déclencheurs : voir la description complète ci-dessous
- Auto-invocation : sur demande explicite
Description complète
Guides through Trail of Bits' 5-step secure development workflow. Runs Slither scans, checks special features (upgradeability/ERC conformance/token integration), generates visual security diagrams, helps document security properties for fuzzing/verification, and reviews manual security areas.
Pour aller plus loin
Secure Workflow Guide
Purpose
Guides through Trail of Bits' secure development workflow - a 5-step process to enhance smart contract security throughout development.
Use this: On every check-in, before deployment, or when you want a security review
The 5-Step Workflow
Covers a security workflow including:
Step 1: Check for Known Security Issues
Run Slither with 70+ built-in detectors to find common vulnerabilities:
- Parse findings by severity
- Explain each issue with file references
- Recommend fixes
- Help triage false positives
Goal: Clean Slither report or documented triages
Step 2: Check Special Features
Detect and validate applicable features:
- Upgradeability: slither-check-upgradeability (17 upgrade risks)
- ERC conformance: slither-check-erc (6 common specs)
- Token integration: Recommend token-integration-analyzer skill
- Security properties: slither-prop for ERC20
(extrait — voir le SKILL.md complet pour la suite)
Source
- Plugin :
trailofbits/building-secure-contracts - Nom interne :
secure-workflow-guide - Fichier :
/home/thymon/.claude/plugins/cache/trailofbits/building-secure-contracts/1.0.1/skills/secure-workflow-guide/SKILL.md