address-sanitizer

by trailofbits

address-sanitizer helps you install and use AddressSanitizer (ASan) to catch memory safety bugs during testing, fuzzing, and crash triage. It is useful for C/C++, Rust unsafe code, and security audit workflows when you need reproducible stack traces and clearer failure signals.

Stars5k

Favorites0

Comments0

AddedMay 7, 2026

CategorySecurity Audit

Install Command

npx skills add trailofbits/skills --skill address-sanitizer

Curation Score

This skill scores 71/100, which means it is list-worthy for directory users but not a highly polished install choice. The repository gives enough concrete guidance to trigger AddressSanitizer correctly and understand its use in fuzzing and memory-bug hunting, but users should expect a technique guide rather than a fully operational, script-backed workflow.

71/100

Strengths

Clear trigger and scope for C/C++ fuzzing and memory-safety debugging, with explicit when-to-apply guidance.
Substantive workflow content: the body is long, structured with many headings, and includes practical concepts like instrumentation, shadow memory, and performance cost.
Evidence-backed guardrails: it states skip conditions and key limitations, which helps agents decide when the skill is appropriate.

Cautions

No install command, scripts, or support files are provided, so adoption depends on reading and applying the handbook content directly.
The description field is very short and the repo appears technique-oriented rather than tool-driven, so agents may still need some prompt interpretation to operationalize it.

Sanitizers Fuzzing C Cpp Rust Testing Security

Overview

Overview of address-sanitizer skill

What address-sanitizer is for

The address-sanitizer skill helps you use AddressSanitizer (ASan) to catch memory safety bugs during testing, especially fuzzing and crash triage. It is most useful when you need to turn a vague “something is corrupting memory” problem into a reproducible stack trace, allocation history, or failing test case.

Best-fit users and use cases

This address-sanitizer skill is a strong fit for C/C++ testing workflows, fuzzing pipelines, and Rust code that uses unsafe. It is also useful for security reviewers who want a practical address-sanitizer for Security Audit path before escalation to deeper manual analysis.

What makes it different

ASan is not a generic prompt trick; it is a compile-time instrumentation workflow with runtime tradeoffs. The main value of the address-sanitizer skill is that it helps you decide when ASan is the right tool, what inputs it needs, and how to avoid misleading results caused by builds, flags, or environment mismatch.

How to Use address-sanitizer skill

Install the skill

Use the repository install flow that your skill runner expects, then verify the address-sanitizer install succeeded by opening SKILL.md in the skill bundle. If your environment supports skill manifests, confirm the name is exactly address-sanitizer so your prompt router can trigger the right guidance.

Give it the right test context

Good address-sanitizer usage starts with a specific target: language, build system, test command, crash symptoms, and whether you are fuzzing, running unit tests, or reproducing an issue. A weak request like “help me use ASan” is less useful than: “I have a C++ library built with CMake, a crash in a fuzz target, and I need ASan flags plus a minimal reproduction workflow.”

Read the skill files in this order

Start with SKILL.md, then inspect any linked repository notes or supporting docs your environment exposes. For this repo path, the practical reading order is to find the main guidance, then check the sections covering overview, key concepts, when to apply, and quick reference so you understand the operational constraints before you edit build flags.

Turn a rough goal into a usable prompt

For best results, tell the skill what you are trying to prove, what compiler and test harness you use, and what success looks like. Example: “I want to find heap-use-after-free in a Linux C++ service compiled with Clang; give me the ASan build flags, runtime options, and the shortest triage path for a crash from a fuzzing run.” That framing produces better address-sanitizer guide output than asking for a generic explanation.

address-sanitizer skill FAQ

Is address-sanitizer only for fuzzing?

No. Fuzzing is a common use case, but the address-sanitizer skill also applies to unit tests, regression tests, and crash debugging when you suspect memory corruption. If the bug is already reproducible, ASan can still provide the fastest route to a clearer stack trace.

When should I not use it?

Do not reach for ASan when you need production-like performance, when your target platform or toolchain does not support it well, or when the bug is likely unrelated to memory safety. If your issue is logic-only, protocol-level, or performance-only, ASan usually adds noise rather than signal.

Is it better than a normal prompt?

Yes, when the job is memory-error detection and triage. A normal prompt may explain ASan conceptually, but the address-sanitizer skill is more useful when you need an installable, workflow-oriented guide that helps you choose flags, inputs, and debug steps with less guesswork.

Can beginners use it?

Yes, if they can describe their build and test setup. The main requirement is not deep sanitizer expertise; it is having enough project context to state the language, compiler, platform, and reproduction path so the skill can recommend the right ASan workflow.

How to Improve address-sanitizer skill

Provide the build and runtime details

The best address-sanitizer results come from exact compiler, platform, and test command details. Include whether you use Clang or GCC, which sanitizer flags are already enabled, and whether the failure appears in a fuzz target, test binary, or standalone repro.

State the memory pattern you suspect

ASan output is most actionable when you describe the symptom: out-of-bounds read, heap-use-after-free, stack overflow, double free, or leak. If you only say “it crashes,” the skill has to infer too much and may suggest the wrong build or triage path.

Ask for the next debugging step

After the first answer, iterate by asking for the smallest possible follow-up: “show me how to reduce this repro,” “help me interpret this stack trace,” or “what ASan flags should I add for symbolization and better reports?” This keeps the address-sanitizer skill focused on the decision that matters next instead of broad sanitizer theory.

Watch for common failure modes

The most common mistakes are building without full instrumentation, mixing sanitized and unsanitized objects, and treating ASan as proof of exploitability instead of a debugging signal. If you want address-sanitizer for Security Audit, provide the threat model and code location so the output distinguishes confirmed memory corruption from theoretical risk.

Ratings & Reviews

No ratings yet

Share your review

0/10000

Latest reviews

Saving...

more skill

solana-vulnerability-scanner

by trailofbits

solana-vulnerability-scanner is a focused Solana security audit skill for native Rust and Anchor programs. It helps review CPI logic, PDA validation, signer and ownership checks, and sysvar spoofing to catch six critical Solana-specific vulnerabilities before deployment.

Security Audit

Favorites 0GitHub 4.9k

sharp-edges

by trailofbits

The sharp-edges skill helps you find APIs, configs, and interfaces where the easy path leads to insecure use. Use it to review authentication flows, cryptographic wrappers, dangerous defaults, null or zero semantics, and misuse-prone design choices. It is a strong fit for sharp-edges for Security Audit work when you need concrete footguns, not generic security guesses.

Security Audit

Favorites 0GitHub 5k

security-review

by affaan-m

Use the security-review skill to review auth, user input, secrets, APIs, payments, uploads, and other sensitive flows. It provides a practical security-review guide with clear pass/fail checks, risky-pattern examples, and a focused process for catching common issues before release.

Security Audit

Favorites 0GitHub 156.3k

django-security

by affaan-m

django-security is a practical guide for hardening Django apps with authentication, authorization, CSRF, XSS, SQL injection prevention, secure cookies, and production settings. It helps developers and reviewers run a focused Security Audit, quickly spot risky config, and apply concrete fixes before deployment.

Security Audit

Favorites 0GitHub 156.1k

ossfuzz

by trailofbits

Learn the ossfuzz skill for continuous fuzzing setup, project enrollment, harness planning, and build workflow review. This guide helps security engineers and maintainers assess readiness, spot build blockers, and prepare a practical path from source tree to OSS-Fuzz or private fuzzing infrastructure.

Security Audit

Favorites 0GitHub 5k

codeql

by trailofbits

The codeql skill helps you run CodeQL with fewer blind spots during a security audit. It focuses on database quality, suite selection, data extensions, and SARIF review so you can use codeql usage more reliably across supported languages. Use it for repeatable codeql guide steps when analyzing real repositories.

Security Audit

Favorites 0GitHub 5k

semgrep-rule-creator

by trailofbits

semgrep-rule-creator creates production-quality Semgrep rules for security vulnerabilities, bug patterns, taint-flow detections, and coding standards. Use the semgrep-rule-creator skill for Security Audit work when you need precise rules, test cases, and validation instead of a generic draft.

Security Audit

Favorites 0GitHub 5k

insecure-defaults

by trailofbits

The insecure-defaults skill helps spot fail-open configuration patterns that let software run with unsafe settings instead of stopping. Use it for a Security Audit of production code, deployment configs, and secret-handling logic to catch weak auth, hardcoded secrets, and permissive defaults.

Security Audit

Favorites 0GitHub 5k

constant-time-analysis

by trailofbits

constant-time-analysis is a security-audit skill for finding timing side-channel risks in cryptographic code before they become exploitable bugs. Use it to review secret-dependent math, branches, comparisons, and compiled output when checking C, C++, Go, Rust, Swift, Java, Kotlin, PHP, JavaScript, TypeScript, Python, or Ruby.

Security Audit

Favorites 0GitHub 5k

secure-workflow-guide

by trailofbits

secure-workflow-guide guides a 5-step Solidity security workflow: Slither triage, feature-specific checks, visual inspection, security-property notes, and manual review. It is built for smart contract teams, auditors, and builders who want a repeatable secure-workflow-guide guide before deployment or release.

Security Audit

Favorites 0GitHub 4.9k

algorand-vulnerability-scanner

by trailofbits

algorand-vulnerability-scanner is a security-audit skill for Algorand TEAL and PyTeal. It helps find 11 common issues, including rekeying attacks, fee validation gaps, field checks, and access control flaws. Use the algorand-vulnerability-scanner skill for a practical first-pass review before a manual audit.

Security Audit

Favorites 0GitHub 4.9k

supabase-postgres-best-practices

by supabase

supabase-postgres-best-practices is a Supabase Postgres optimization skill for query tuning, indexing, schema design, RLS performance, locking, and connection management.

Database Engineering

Favorites 0GitHub 1.7k

entra-agent-id

by microsoft

entra-agent-id is a Microsoft Entra Agent ID preview skill for backend development teams building OAuth2-capable AI agent identities with Graph beta. It covers blueprint setup, blueprint principals, agent identities, permissions, sponsors, workload identity federation, and sidecar-based auth. Use it to understand entra-agent-id install, usage, and rollout constraints.

Backend Development

Favorites 0GitHub 0

token-integration-analyzer

by trailofbits

token-integration-analyzer is a security-review skill for token implementations and token integrations. It checks ERC20/ERC721 conformity, weird token patterns, owner privileges, scarcity, and non-standard token handling for Security Audit workflows. Use the token-integration-analyzer guide to reduce guesswork and assess compatibility risk.

Security Audit

Favorites 0GitHub 4.9k

cosmos-vulnerability-scanner

by trailofbits

cosmos-vulnerability-scanner finds consensus-critical bugs in Cosmos SDK modules, CosmWasm contracts, IBC integrations, and Cosmos EVM stacks. Use this cosmos-vulnerability-scanner guide for security audit workflows, chain-halt risks, fund-loss paths, and pre-launch reviews.

Security Audit

Favorites 0GitHub 4.9k

ruzzy

by trailofbits

ruzzy is a coverage-guided Ruby fuzzing skill for testing pure Ruby code and Ruby C extensions. Use the ruzzy guide to set up a supported Linux environment, verify sanitizer wiring, and build practical fuzzing workflows for Security Audit work.

Security Audit

Favorites 0GitHub 5k