by trailofbits · trailofbits · v1.0.0 · updated on 2026-04-10
Score: 77
Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence for each bug.
1. Understand the Claim and Context: Restate the bug in your own words, documenting the vulnerability claim, root cause, trigger, impact, and threat model.
2. Route Verification: Choose between standard or deep verification based on the complexity of the claim.
3. Standard Verification (if applicable): Follow the linear checklist in standard-verification.md, documenting findings.
4. Deep Verification (if applicable): Create a task dependency graph and execute phases with appropriate agents, as described in deep-verification.md.
5. Batch Triage (if applicable): If verifying multiple bugs, run Step 1 for all bugs first, then route and process each independently.
6. Exploit Chain Analysis: After verifying all bugs, check for exploit chains where individually rejected findings may combine to form a viable attack.
7. Final Summary: Provide counts of true positives and false positives, with descriptions for each.
is this a true positive? · verify this finding · check if this vulnerability is exploitable · validate this suspected bug · is this bug real? · perform a false positive check · analyze this potential vulnerability