code-maturity-assessor

Solid

Systematic code maturity assessment using Trail of Bits' 9-category framework. Analyzes codebase for arithmetic safety, auditing practices, access controls, complexity, decentralization, documentation, MEV risks, low-level code, and testing. Produces professional scorecard with evidence-based ratings and actionable recommendations.

Testing & QA 5,487 stars 485 forks Updated 3 days ago CC-BY-SA-4.0

Install

View on GitHub

Quality Score: 90/100

Stars 20%

100

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# Code Maturity Assessor ## Purpose Systematically assesses codebase maturity using Trail of Bits' 9-category framework. Provides evidence-based ratings and actionable recommendations. **Framework**: Building Secure Contracts - Code Maturity Evaluation v0.1.0 --- ## How This Works ### Phase 1: Discovery Explores the codebase to understand: - Project structure and platform - Contract/module files - Test coverage - Documentation availability ### Phase 2: Analysis For each of 9 categories, I'll: - **Search the code** for relevant patterns - **Read key files** to assess implementation - **Present findings** with file references - **Ask clarifying questions** about processes I can't see in code - **Determine rating** based on criteria ### Phase 3: Report Generates: - Executive summary - Maturity scorecard (ratings for all 9 categories) - Detailed analysis with evidence - Priority-ordered improvement roadmap --- ## Rating System - **Missing (0)**: Not present/not implemented - **Weak (1)**: Several significant improvements needed - **Moderate (2)**: Adequate, can be improved - **Satisfactory (3)**: Above average, minor improvements - **Strong (4)**: Exceptional, only small improvements possible **Rating Logic**: - ANY "Weak" criteria → **Weak** - NO "Weak" + SOME "Moderate" unmet → **Moderate** - ALL "Moderate" + SOME "Satisfactory" met → **Satisfactory** - ALL "Satisfactory" + exceptional practices → **Strong** --- ## The 9 Categories I assess 9 comprehensive catego...

Details

Author: trailofbits
Repository: trailofbits/skills
Created: 4 months ago
Last Updated: 3 days ago
Language: Python
License: CC-BY-SA-4.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

code-maturity-assessor

1 Updated 2 days ago

kevinvwong

AI & Automation Listed

code-qualities-assessment

Assess code maintainability through 5 foundational qualities (cohesion, coupling, encapsulation, testability, non-redundancy) with quantifiable scoring rubrics. Works at method/class/module levels across multiple languages. Produces markdown reports with remediation guidance.

33 Updated today

rjmurillo

AI & Automation Listed

codebase-health

Score your codebase 0-100 across complexity, coupling, cohesion, test coverage, documentation, churn hotspots, dependency health, and lint/type safety. Use when: 'how healthy is this codebase', 'check code quality', 'score my project', 'find tech debt hotspots', 'codebase assessment', 'what needs attention in this repo', 'health check', 'quality audit'.

4 Updated today

tinh2

AI & Automation Solid

code-auditor

Performs comprehensive codebase analysis covering architecture, code quality, security, performance, testing, and maintainability. Use when user wants to audit code quality, identify technical debt, find security issues, assess test coverage, or get a codebase health check.

591 Updated 2 months ago

mhattingpete

Code & Development Listed

code-review-expert

Comprehensive code review expertise. Use when reviewing code, evaluating architecture, or assessing quality. Triggers on review, evaluate, assess, audit, code quality, best practices.

335 Updated today

aiskillstore