audit-context-building_skill

This skill enables ultra-granular, line-by-line code analysis to build deep architectural context before vulnerability hunting, reducing hallucinations and
  • Python

3k

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill trailofbits/skills --skill audit-context-building

  • SKILL.md9.6 KB

Overview

This skill enables ultra-granular, line-by-line code analysis to build a persistent, evidence-backed architectural model before any vulnerability hunting. It forces a bottom-up, micro-first approach that links block-level insights into function, module, and system-level context. The goal is deep understanding and anti-hallucination, not bug identification or fixes.

How this skill works

When active, the agent performs block-by-block and line-by-line analysis of code, applying First Principles plus 5 Whys/5 Hows at micro scale. It builds and continuously refines a global mental model, propagating invariants, assumptions, and dataflows across internal and external call chains. External calls without source are treated adversarially; external calls with source are analyzed seamlessly. The skill outputs structured summaries that anchor context and record corrections when earlier assumptions are contradicted.

When to use it

  • Before any vulnerability discovery, to establish accurate context
  • When you need bottom-up comprehension instead of high-level guesses
  • During architecture reviews, threat modeling, or security audits
  • When minimizing hallucination, contradictions, and context loss is critical
  • For complex multi-module systems where call chains and invariants must be tracked

Best practices

  • Run an initial orientation scan: map modules, entrypoints, actors, and key storage before deep dives
  • Apply the per-function microstructure checklist for every non-trivial function
  • Jump into callees immediately for internal and available external code; treat unknown externals as hostile
  • Record invariants and assumptions explicitly; update them when contradicted and state the correction
  • Anchor periodic summaries to maintain a stable global model and cross-reference new findings

Example use cases

  • Reconstruct state and invariants across a multi-contract DeFi workflow before auditing for vulnerabilities
  • Perform line-by-line analysis of helper functions that propagate critical assumptions to higher-level logic
  • Trace a long internal call chain to validate assumptions about permissions and state transitions
  • Map trust boundaries and untrusted input paths across modules prior to threat modeling
  • Prepare high-quality context that a vulnerability-hunting agent can consume without re-inspecting the code

FAQ

No. It is explicitly for pure context building. It does not identify vulnerabilities, propose fixes, or produce exploits.

How are external calls handled when code is unavailable?

Treat them adversarially: document payloads, assumptions, and all possible outcomes (revert, strange returns, state changes, reentrancy) and propagate those possibilities into the global model.

What output structure should I expect from a function analysis?

Each function summary includes Purpose; Inputs & Assumptions; Outputs & Effects; Block-by-Block line analysis; Cross-function dependencies; and recorded invariants, assumptions, and risk notes.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
audit-context-building skill by trailofbits/skills | VeilStrat