llm-binary-vuln-guide

Installation
SKILL.md

LLM-Based Binary Vulnerability Detection Guide

This skill provides research-backed techniques for using LLMs to detect vulnerabilities in binary code. It is loaded automatically when skwaq agents perform binary analysis to enhance their effectiveness.

Core Principle: Decompilation First

LLMs cannot effectively reason about raw bytes or assembly. Always decompile to pseudo-C before LLM analysis. Raw assembly has 98% cosine similarity across different CWE types, making classification impossible without lifting.

Pipeline: Binary → Disassembly → Decompilation (Ghidra) → LLM Enhancement → Vulnerability Analysis

Decompiled Code Optimization

Before sending decompiled output to an LLM, optimize it:

Installs
1
Repository
rysweet/skwaq
GitHub Stars
5
First Seen
Jun 12, 2026
llm-binary-vuln-guide — rysweet/skwaq