Vibe Index
๐Ÿ”Œ

yara-authoring

๐Ÿ”ŒPlugin

trailofbits/skills

VibeIndex|
What it does
|

YARA-X detection rule authoring with linting and quality analysis

Overview

A YARA detection rule authoring plugin from Trail of Bits that provides linting, atom analysis, and best practices guidance for writing YARA-X rules. Part of the Trail of Bits Skills collection covering security research, malware analysis, reverse engineering, and development.

Key Features

  • YARA-X rule authoring โ€” Write detection rules with expert guidance on syntax, patterns, and conditions
  • Linting โ€” Automated quality checks for YARA rules to catch common mistakes
  • Atom analysis โ€” Analyze rule atoms for detection coverage and performance optimization
  • Best practices โ€” Built-in guidance from Trail of Bits security researchers on effective rule writing
  • Part of Trail of Bits Skills โ€” Alongside plugins for constant-time analysis, property-based testing, spec-to-code compliance, Firebase APK scanning, and more

Who is this for?

Security researchers, threat hunters, and malware analysts who write YARA detection rules and want AI-assisted authoring with quality checks. Ideal for teams doing threat detection engineering who need consistent, high-quality YARA rules.

๐Ÿช

Part of

trailofbits-skills

Installation

Add marketplace in Claude Code:
/plugin marketplace add trailofbits/skills
Step 2. Install plugin:
/plugin install yara-authoring@trailofbits
3,419
-
Last UpdatedMar 6, 2026
View on GitHubBack to Plugins

More from this repository10

๐Ÿ”Œ
insecure-defaults๐Ÿ”ŒPlugin

Trail of Bits code-auditing plugin that detects insecure default configurations, hardcoded credentials, and fail-open security patterns during AI-assisted security review.

๐Ÿ”Œ
burpsuite-project-parser๐Ÿ”ŒPlugin

Trail of Bits code-auditing plugin that searches and extracts data from Burp Suite project files for AI-assisted security analysis.

๐Ÿ”Œ
semgrep-rule-creator๐Ÿ”ŒPlugin

Trail of Bits code-auditing plugin that creates and refines Semgrep rules for custom vulnerability detection.

๐Ÿ”Œ
constant-time-analysis๐Ÿ”ŒPlugin

Trail of Bits verification plugin that detects compiler-induced timing side-channels in cryptographic code โ€” credited with finding a timing side-channel in ML-DSA signing (RustCrypto).

๐Ÿช
trailofbits-skills๐ŸชMarketplace

A Claude Code plugin marketplace from Trail of Bits providing skills for AI-assisted security analysis, testing, and development workflows.

๐Ÿ”Œ
gh-cli๐Ÿ”ŒPlugin

Intercepts GitHub URL fetches and curl/wget commands, redirecting to the authenticated gh CLI. Includes gh CLI usage guidance.

๐Ÿ”Œ
workflow-skill-design๐Ÿ”ŒPlugin

Teaches design patterns for workflow-based Claude Code skills and provides a review agent for auditing existing skills

๐ŸŽฏ
ask-questions-if-underspecified๐ŸŽฏSkill

A Claude Code plugin marketplace from Trail of Bits providing skills for AI-assisted security analysis, testing, and development workflows.

๐ŸŽฏ
semgrep๐ŸŽฏSkill

Runs Semgrep static analysis for security vulnerability detection and code quality enforcement, from the Trail of Bits Skills Marketplace for AI-assisted security workflows.

๐ŸŽฏ
modern-python๐ŸŽฏSkill

A Claude Code plugin marketplace from Trail of Bits providing skills for AI-assisted security analysis, testing, and development workflows.