shishiv

sharp-edges

# Install this skill:
npx skills add shishiv/gsd --skill "sharp-edges"

Install specific skill from multi-skill repository

# Description

Identify error-prone APIs and dangerous configurations

# SKILL.md


name: sharp-edges
description: "Identify error-prone APIs and dangerous configurations"
source: "https://github.com/trailofbits/skills/tree/main/plugins/sharp-edges"
risk: safe


Sharp Edges

Overview

Identify error-prone APIs and dangerous configurations that could lead to bugs, security vulnerabilities, or system failures.

When to Use This Skill

Use this skill when:
- Reviewing code for potentially dangerous API usage
- Identifying configurations that could cause issues
- Analyzing code for error-prone patterns
- Assessing risk in API design or configuration choices
- Performing security audits focused on API misuse

Instructions

This skill helps identify problematic APIs and configurations:

  1. API Analysis: Review API usage for error-prone patterns
  2. Configuration Review: Identify dangerous or risky configurations
  3. Pattern Recognition: Spot common mistakes and pitfalls
  4. Risk Assessment: Evaluate the potential impact of identified issues

Common Sharp Edges

Error-Prone APIs

  • APIs with complex parameter requirements
  • APIs with non-obvious failure modes
  • APIs that require careful resource management
  • APIs with timing or concurrency issues
  • APIs with unclear error handling

Dangerous Configurations

  • Default settings that are insecure
  • Configurations that bypass security controls
  • Settings that enable dangerous features
  • Options that reduce system reliability
  • Parameters that affect performance negatively

Detection Strategies

  1. Code Review: Look for known problematic patterns
  2. Static Analysis: Use tools to identify risky API usage
  3. Configuration Audits: Review configuration files for dangerous settings
  4. Documentation Review: Check for warnings about API usage
  5. Experience-Based: Leverage knowledge of common pitfalls
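
As an added illustration of the static-analysis and configuration-audit strategies (not code from the skill or its source repository), the sketch below walks a Python syntax tree and reports calls that match a small rule table. The rule table, the function names and the sample source are constructed for this example and are not exhaustive.

```python
import ast

# Constructed rule table: dotted call name -> why it is error-prone.
RISKY_CALLS = {
    "tempfile.mktemp": "name is chosen before the file is opened (race); use mkstemp",
    "pickle.loads": "deserializing untrusted bytes can execute code",
}
# Keyword arguments that switch off a safety control when set to this constant.
RISKY_KWARGS = {
    "verify": (False, "TLS certificate verification disabled"),
    "shell": (True, "command string is interpreted by a shell"),
}

def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for dynamic callees."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def find_sharp_edges(source):
    """Return sorted (line, call, reason) findings for one source string.
    Import aliases (import subprocess as sp) are not resolved for RISKY_CALLS."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = dotted_name(node.func) or "<dynamic>"
        if name in RISKY_CALLS:
            findings.append((node.lineno, name, RISKY_CALLS[name]))
        for kw in node.keywords:
            rule = RISKY_KWARGS.get(kw.arg)
            # Only literal constants are matched; computed values need data flow.
            if rule and isinstance(kw.value, ast.Constant) and kw.value.value is rule[0]:
                findings.append((node.lineno, name, rule[1]))
    return sorted(findings)

# Constructed sample input.
SAMPLE = '''\
import pickle, subprocess, tempfile, requests
path = tempfile.mktemp()
subprocess.run("ls " + path, shell=True)
requests.get("https://example.invalid", verify=False)
subprocess.run(["ls", path])
obj = pickle.loads(blob)
'''

if __name__ == "__main__":
    for line, call, reason in find_sharp_edges(SAMPLE):
        print(f"line {line}: {call}: {reason}")
```

Each finding is a prompt for review rather than a verdict: whether `shell=True` or `pickle.loads` is a problem depends on where the input comes from.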

Best Practices

  • Document identified sharp edges
  • Provide clear guidance on safe usage
  • Create examples of correct vs incorrect usage
  • Recommend safer alternatives when available
  • Update documentation with findings

Resources

For more information, see the source repository.

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:
