Graph Evolution
Builds Trailmark code graphs at two source snapshots and computes a
structural diff. Surfaces security-relevant changes that text-level
diffs miss: new attack paths, complexity shifts, blast radius growth,
taint propagation changes, and privilege boundary modifications.
When to Use
Comparing two git refs to understand what structurally changed
Auditing a range of commits for security-relevant evolution
Detecting new attack paths created by code changes
Finding functions whose blast radius or complexity grew silently
Identifying taint propagation changes across refactors
Pre-release structural comparison (tag-to-tag or branch-to-branch)
When NOT to Use
related skills
semantically similar in the cross-vendor index
don't have the plugin yet? install it then click "run inline in claude" again.
+clear problem statement: identifies gap between text-level and semantic diffs for security analysis.
+concrete use cases listed: auditing, blast radius detection, taint propagation changes are specific and motivated.
+reasonable scope boundaries: acknowledges when NOT to use, showing design constraints.
weaknesses
~no procedure at all: no steps, no input format, no algorithm. 'builds graphs and computes diff' is an abstract claim, not a workflow.
~missing implementation detail: no mention of how to invoke, which git refs matter, what the output format is, or how 'security-relevant' is determined.
~zero edge case handling: assumes graphs build cleanly, diffs are parseable, and that 'attack path' detection is deterministic. fails gracefully how?