fix-review

Summary

Verifies security audit fixes are correctly implemented without introducing new bugs.

  • Analyzes commit ranges against security findings (Trail of Bits format, numbered findings, or JSON) to confirm root causes are addressed, not just symptoms
  • Assigns status to each finding: FIXED, PARTIALLY_FIXED, NOT_ADDRESSED, or CANNOT_DETERMINE, with evidence linking commits to specific code changes
  • Detects bug introduction patterns including access control weakening, validation removal, error handling reduction, and cryptographic degradation
  • Generates detailed markdown reports mapping findings to commits with per-commit analysis and recommendations for follow-up actions
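The mapping from findings to commits and the status assignment above can be sketched end to end. The script below is an added illustration, not code from the fix-review skill or from Trail of Bits: it parses a Trail-of-Bits-style finding list, walks a `git log -p` style commit range, ties each commit to the finding IDs named in its subject, looks for added guards and for the four bug-introduction patterns, and emits the per-finding status plus a markdown table. The finding list, the commit log, the file `Vault.sol` and the regexes are all constructed and simplified; a real review reads the full diff and the finding's root cause, not just keywords.

```python
"""Differential fix review: map audit findings to commits and flag weakening changes.
Added illustration; findings, git log, Vault.sol and the regex heuristics are constructed."""
import re
from dataclasses import dataclass, field

FINDING_ID = re.compile(r"\b(TOB-[A-Z0-9]+-\d+)\b")                   # Trail of Bits style IDs
GUARD = re.compile(r"\b(require|assert|revert|onlyOwner|hasRole)\b")  # added guard = fix evidence
# Bug-introduction signals: a removed line matching REMOVED_SIGNALS or an added line
# matching ADDED_WEAK. They are pointers for a human reviewer, not proof of a bug.
REMOVED_SIGNALS = {
    "access control weakening": re.compile(r"onlyOwner|onlyRole|hasRole|msg\.sender\s*=="),
    "validation removal": re.compile(r"\b(require|assert|revert|validate)\s*\("),
    "error handling reduction": re.compile(r"\b(try|catch|except|rescue)\b"),
}
ADDED_WEAK = {"cryptographic degradation": re.compile(r"\b(md5|sha1|ecb|Math\.random)\b", re.I)}

@dataclass
class Commit:
    sha: str
    subject: str = ""
    added: list = field(default_factory=list)
    removed: list = field(default_factory=list)

    @property
    def finding_ids(self):
        return set(FINDING_ID.findall(self.subject))

def parse_log(text):
    """Parse `git log --reverse -p --format='commit %h%n%s'`-style output (constructed below)."""
    commits = []
    for line in text.splitlines():
        if line.startswith("commit "):
            commits.append(Commit(sha=line.split()[1]))
        elif not commits:
            continue
        elif not commits[-1].subject and line.strip():
            commits[-1].subject = line.strip()
        elif line.startswith("+") and not line.startswith("+++"):
            commits[-1].added.append(line[1:].strip())
        elif line.startswith("-") and not line.startswith("---"):
            commits[-1].removed.append(line[1:].strip())
    return commits

def bug_signals(commit):
    hits = [(cat, l) for cat, pat in REMOVED_SIGNALS.items() for l in commit.removed if pat.search(l)]
    hits += [(cat, l) for cat, pat in ADDED_WEAK.items() for l in commit.added if pat.search(l)]
    return hits

def classify(finding_ids, commits):
    """Return {finding_id: (status, evidence)} using the four statuses the skill assigns."""
    results = {}
    for fid in finding_ids:
        related = [c for c in commits if fid in c.finding_ids]
        if not related:
            results[fid] = ("NOT_ADDRESSED", ["no commit in range references this finding"])
            continue
        evidence, fixed, weakened = [], False, False
        for c in related:
            for l in c.added:
                if GUARD.search(l):
                    fixed = True
                    evidence.append(f"{c.sha}: added guard `{l}`")
            for cat, l in bug_signals(c):
                weakened = True
                evidence.append(f"{c.sha}: {cat}: `{l}`")
        if fixed and weakened:
            status = "PARTIALLY_FIXED"      # a fix landed, but another check was lost
        elif fixed:
            status = "FIXED"
        elif weakened:
            status = "NOT_ADDRESSED"        # only weakening, no guard added
        else:
            status = "CANNOT_DETERMINE"     # referenced, but no relevant code change
            evidence.append(f"{', '.join(c.sha for c in related)}: references the ID without a guard change")
        results[fid] = (status, evidence)
    return results

def report(results):
    rows = ["| Finding | Status | Evidence |", "|---|---|---|"]
    rows += [f"| {fid} | {st} | {'; '.join(ev)} |" for fid, (st, ev) in results.items()]
    return "\n".join(rows)

def parse_findings(text):
    return list(dict.fromkeys(FINDING_ID.findall(text)))

FINDINGS = """TOB-EXAMPLE-1: Missing access control on withdraw
TOB-EXAMPLE-2: Reentrancy in deposit
TOB-EXAMPLE-3: No rate limiting on deposits
TOB-EXAMPLE-4: Unchecked transfer return value"""   # constructed
GIT_LOG = """commit a1b2c3d
Fix TOB-EXAMPLE-1: restrict withdraw to owner
--- a/Vault.sol
+++ b/Vault.sol
 function withdraw(uint256 amount) external {
+    require(msg.sender == owner, "not owner");
commit b2c3d4e
Fix TOB-EXAMPLE-2: add reentrancy lock, drop redundant deposit check
--- a/Vault.sol
+++ b/Vault.sol
 function deposit() external payable {
-    require(msg.value > 0, "zero deposit");
+    require(!locked, "reentrant");
commit c3d4e5f
Address TOB-EXAMPLE-3 (see comment)
--- a/Vault.sol
+++ b/Vault.sol
+// NOTE: rate limiting tracked in a follow-up
"""   # constructed

if __name__ == "__main__":
    print(report(classify(parse_findings(FINDINGS), parse_log(GIT_LOG))))
```

Run as-is, the constructed range yields one finding in each of the four statuses: the owner check is FIXED, the reentrancy fix is PARTIALLY_FIXED because the same commit dropped the zero-deposit `require`, the commit that only adds a comment for TOB-EXAMPLE-3 is CANNOT_DETERMINE, and TOB-EXAMPLE-4 is NOT_ADDRESSED. The regexes are deliberately loose; in practice the signals feed a manual read of each hunk against the finding's root cause.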
SKILL.md

Fix Review

Differential analysis to verify commits address security findings without introducing bugs.

When to Use

  • Reviewing fix branches against security audit reports
  • Validating that remediation commits actually address findings
  • Checking whether specific findings (TOB-XXX format) have been fixed
  • Analyzing commit ranges for bug introduction patterns
  • Cross-referencing code changes with audit recommendations

When NOT to Use

  • Initial security audits (use audit-context-building or differential-review)
  • Code review without a specific baseline or finding set
  • Greenfield development with no prior audit
  • Documentation-only changes
Installs: 403
GitHub Stars: 5.1K
First Seen: Jan 19, 2026