feat(skills): add 15 Trail of Bits skill entries (OCI distribution)

registries/toolhive/skills/agentic-actions-auditor/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "agentic-actions-auditor",
+  "title": "Agentic Actions Auditor",
+  "description": "Audit GitHub Actions workflows for security vulnerabilities in AI agent integrations (Claude Code Action, Gemini CLI, Codex) — detects prompt injection, env-var intermediary patterns, and wildcard user allowlists. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/agentic-actions-auditor:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/agentic-actions-auditor/skills/agentic-actions-auditor"
+    }
+  ]
+}

registries/toolhive/skills/codeql/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "codeql",
+  "title": "CodeQL",
+  "description": "Scan a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking — supports security-and-quality suites or high-precision findings, plus SARIF output handling. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/codeql:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/static-analysis/skills/codeql"
+    }
+  ]
+}

registries/toolhive/skills/constant-time-analysis/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "constant-time-analysis",
+  "title": "Constant-Time Analysis",
+  "description": "Detect timing side-channels in cryptographic code — covers C, C++, Go, Rust, Swift, Java, Kotlin, C#, PHP, JS/TS, Python, and Ruby; flags division on secrets and secret-dependent branches. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/constant-time-analysis:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/constant-time-analysis/skills/constant-time-analysis"
+    }
+  ]
+}

registries/toolhive/skills/differential-review/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "differential-review",
+  "title": "Differential Review",
+  "description": "Security-focused differential review of PRs, commits, and diffs — uses git history for context, calculates blast radius, checks test coverage, and flags security regressions. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/differential-review:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/differential-review/skills/differential-review"
+    }
+  ]
+}

registries/toolhive/skills/fp-check/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "fp-check",
+  "title": "False Positive Check",
+  "description": "Systematically verify suspected security bugs to eliminate false positives — produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence per bug, with mandatory gate reviews. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/fp-check:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/fp-check/skills/fp-check"
+    }
+  ]
+}

registries/toolhive/skills/insecure-defaults/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "insecure-defaults",
+  "title": "Insecure Defaults Detector",
+  "description": "Detect fail-open insecure defaults — hardcoded secrets, weak auth, permissive security settings, and misconfigured environment variable handling that let apps run insecurely in production. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/insecure-defaults:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/insecure-defaults/skills/insecure-defaults"
+    }
+  ]
+}

registries/toolhive/skills/property-based-testing/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "property-based-testing",
+  "title": "Property-Based Testing",
+  "description": "Property-based testing guidance across multiple languages and smart contracts — use when writing tests, designing features with serialization/validation/parsing, or when stronger coverage than example-based tests is needed. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/property-based-testing:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/property-based-testing/skills/property-based-testing"
+    }
+  ]
+}

registries/toolhive/skills/sarif-parsing/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "sarif-parsing",
+  "title": "SARIF Parsing",
+  "description": "Parse, filter, deduplicate, and convert SARIF files from CodeQL, Semgrep, and other scanners — for CI/CD integration and findings aggregation (does not run scans — pair with the codeql or semgrep skills for that). Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/sarif-parsing:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/static-analysis/skills/sarif-parsing"
+    }
+  ]
+}

registries/toolhive/skills/semgrep-rule-creator/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "semgrep-rule-creator",
+  "title": "Semgrep Rule Creator",
+  "description": "Create custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns — use when writing Semgrep rules or building tailored static analysis detections. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/semgrep-rule-creator:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/semgrep-rule-creator/skills/semgrep-rule-creator"
+    }
+  ]
+}

registries/toolhive/skills/semgrep-rule-variant-creator/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "semgrep-rule-variant-creator",
+  "title": "Semgrep Rule Variant Creator",
+  "description": "Port existing Semgrep rules to new target languages with test-driven validation — produces independent rule and test directories for each target language. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/semgrep-rule-variant-creator:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator"
+    }
+  ]
+}

registries/toolhive/skills/semgrep/skill.json

@@ -0,0 +1,31 @@
+{
+  "namespace": "io.github.stacklok",
+  "name": "semgrep",
+  "title": "Semgrep",
+  "description": "Run Semgrep static analysis with parallel subagents — full ruleset or high-confidence security findings only; auto-detects Semgrep Pro for cross-file taint analysis across multi-language codebases. Packaged from the upstream trailofbits/skills repository.",
+  "version": "0.1.0",
+  "status": "active",
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "url": "https://github.com/trailofbits/skills",
+    "type": "git"
+  },
+  "icons": [
+    {
+      "src": "icon.svg",
+      "type": "image/svg+xml"
+    }
+  ],
+  "packages": [
+    {
+      "registryType": "oci",
+      "identifier": "ghcr.io/stacklok/dockyard/skills/semgrep:0.1.0"
+    },
+    {
+      "registryType": "git",
+      "url": "https://github.com/trailofbits/skills",
+      "ref": "e8cc5baf9329ccb491bfa200e82eacbac83b1ead",
+      "subfolder": "plugins/static-analysis/skills/semgrep"
+    }
+  ]
+}