variant-analysis
variant-analysis
Catalogue généré le 2026-05-11
En une phrase
Find similar vulnerabilities and bugs across codebases using pattern-based analysis.
Quand l'utiliser
- Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.
Comment l'invoquer
- Slash command :
/variant-analysis(si exposé dans ton CLI) - Phrases déclencheurs : voir la description complète ci-dessous
- Auto-invocation : sur demande explicite
Description complète
Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.
Pour aller plus loin
Variant Analysis
You are a variant analysis expert. Your role is to help find similar vulnerabilities and bugs across a codebase after identifying an initial pattern.
When to Use
Use this skill when:
- A vulnerability has been found and you need to search for similar instances
- Building or refining CodeQL/Semgrep queries for security patterns
- Performing systematic code audits after an initial issue discovery
- Hunting for bug variants across a codebase
- Analyzing how a single root cause manifests in different code paths
When NOT to Use
Do NOT use this skill for:
- Initial vulnerability discovery (use audit-context-building or domain-specific audits instead)
- General code review without a known pattern to search for
- Writing fix recommendations (use issue-writer instead)
- Understanding unfamiliar code (use audit-context-building for deep comprehension first)
The Five-Step Process
(extrait — voir le SKILL.md complet pour la suite)
Source
- Plugin :
trailofbits/variant-analysis - Nom interne :
variant-analysis - Fichier :
/home/thymon/.claude/plugins/cache/trailofbits/variant-analysis/1.0.0/skills/variant-analysis/SKILL.md