variant-analysis

security

Setup & Installation

npx skills add https://github.com/trailofbits/variant-analysis --skill variant-analysis
Or paste the link and ask your coding assistant to install it:
https://github.com/trailofbits/variant-analysis

What This Skill Does

Variant analysis skill for finding similar vulnerabilities across a codebase after an initial bug is identified. It guides systematic pattern generalization using ripgrep, Semgrep, and CodeQL, moving from exact matches to broader search patterns while tracking false positive rates. It covers interprocedural analysis, taint tracking, and structured triage of results. Manual variant hunting typically stops at the original file or relies on one-off grep patterns that miss semantically related constructs across languages. This skill instead enforces incremental generalization with false positive tracking, so you cover the full vulnerability class without drowning in noise.

When to use it

  • Working with variant analysis functionality
  • Implementing variant analysis features
  • Debugging variant analysis related issues