All skills
Skillintermediate

trailmark

**Source code graph analysis for security auditing.** Parses code into queryable graphs of functions, classes, and calls, then uses that structure for diagram generation, mutation testing triage, protocol verification, and differential review.

Claude Code Knowledge Pack7/10/2026

Overview

trailmark

Source code graph analysis for security auditing. Parses code into queryable graphs of functions, classes, and calls, then uses that structure for diagram generation, mutation testing triage, protocol verification, and differential review.

Prerequisites

Trailmark (source) must be installed:

uv pip install trailmark

Skills

SkillDescription
trailmarkBuild and query multi-language code graphs with pre-analysis passes (blast radius, taint, privilege boundaries, entrypoints)
diagramming-codeGenerate Mermaid diagrams from code graphs (call graphs, class hierarchies, complexity heatmaps, data flow)
crypto-protocol-diagramExtract protocol message flow from source code or specs (RFC, ProVerif, Tamarin) into sequence diagrams
genotoxicTriage mutation testing results using graph analysis — classify survived mutants as false positives, missing tests, or fuzzing targets
vector-forgeMutation-driven test vector generation — find coverage gaps via mutation testing, then generate Wycheproof-style vectors that close them
graph-evolutionCompare code graphs at two snapshots to surface security-relevant structural changes text diffs miss
mermaid-to-proverifConvert Mermaid sequence diagrams into ProVerif formal verification models
audit-augmentationProject SARIF and weAudit findings onto code graphs as annotations and subgraphs
trailmark-summaryQuick structural overview (language detection, entry points, dependencies) for vivisect/galvanize
trailmark-structuralFull structural analysis with all pre-analysis passes (blast radius, taint, privilege boundaries, complexity)

Directory Structure

trailmark/
├── .claude-plugin/
│   └── plugin.json
├── README.md
└── skills/
    ├── trailmark/                    # Core graph querying
    ├── diagramming-code/             # Mermaid diagram generation
    │   └── scripts/diagram.py
    ├── crypto-protocol-diagram/      # Protocol flow extraction
    │   └── examples/
    ├── genotoxic/                    # Mutation testing triage
    ├── vector-forge/                 # Mutation-driven test vector generation
    │   └── references/
    ├── graph-evolution/              # Structural diff
    │   └── scripts/graph_diff.py
    ├── mermaid-to-proverif/          # Sequence diagram → ProVerif
    │   └── examples/
    ├── audit-augmentation/           # SARIF/weAudit integration
    ├── trailmark-summary/            # Quick overview for vivisect/galvanize
    └── trailmark-structural/         # Full structural analysis

Related Skills

SkillUse For
mutation-testingGuidance for running mutation frameworks (mewt, muton) — use before genotoxic for triage
differential-reviewText-level security diff review — complements graph-evolution's structural analysis
audit-context-buildingDeep architectural context before vulnerability hunting