sharp-edges

Documentation & Productivité

"Identify error-prone APIs and dangerous configurations"

Documentation

Sharp Edges

Overview

Identify error-prone APIs and dangerous configurations that could lead to bugs, security vulnerabilities, or system failures.

When to Use This Skill

Use this skill when you need to identify error-prone APIs and dangerous configurations.

Use this skill when:

Reviewing code for potentially dangerous API usage
Identifying configurations that could cause issues
Analyzing code for error-prone patterns
Assessing risk in API design or configuration choices
Performing security audits focused on API misuse

Instructions

This skill helps identify problematic APIs and configurations:

1.API Analysis: Review API usage for error-prone patterns
2.Configuration Review: Identify dangerous or risky configurations
3.Pattern Recognition: Spot common mistakes and pitfalls
4.Risk Assessment: Evaluate the potential impact of identified issues

Common Sharp Edges

Error-Prone APIs

APIs with complex parameter requirements
APIs with non-obvious failure modes
APIs that require careful resource management
APIs with timing or concurrency issues
APIs with unclear error handling

Dangerous Configurations

Default settings that are insecure
Configurations that bypass security controls
Settings that enable dangerous features
Options that reduce system reliability
Parameters that affect performance negatively

Detection Strategies

1.Code Review: Look for known problematic patterns
2.Static Analysis: Use tools to identify risky API usage
3.Configuration Audits: Review configuration files for dangerous settings
4.Documentation Review: Check for warnings about API usage
5.Experience-Based: Leverage knowledge of common pitfalls

Best Practices

Document identified sharp edges
Provide clear guidance on safe usage
Create examples of correct vs incorrect usage
Recommend safer alternatives when available
Update documentation with findings

Resources

For more information, see the [source repository](https://github.com/trailofbits/skills/tree/main/plugins/sharp-edges).

Compétences similaires

Explorez d'autres agents de la catégorie Documentation & Productivité

Voir tout le catalogue

defi-protocol-templates

Implement DeFi protocols with production-ready templates for staking, AMMs, governance, and lending systems. Use when building decentralized finance applications or smart contract protocols.

VOIR LA FICHE

telegram-mini-app

"Expert in building Telegram Mini Apps (TWA) - web apps that run inside Telegram with native-like experience. Covers the TON ecosystem, Telegram Web App API, payments, user authentication, and building viral mini apps that monetize. Use when: telegram mini app, TWA, telegram web app, TON app, mini app."

VOIR LA FICHE

projection-patterns

Build read models and projections from event streams. Use when implementing CQRS read sides, building materialized views, or optimizing query performance in event-sourced systems.

VOIR LA FICHE
Utiliser l'Agent sharp-edges - Outil & Compétence IA | Skills Catalogue | Skills Catalogue