بنقرة واحدة
semantic-code-analyzer
LLM-powered semantic analysis of code diffs to detect business-logic trojans
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
LLM-powered semantic analysis of code diffs to detect business-logic trojans
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Orchestrate via @babysitter. Use this skill when asked to babysit a run, orchestrate a process or whenever it is called explicitly. (babysit, babysitter, orchestrate, orchestrate a run, workflow, etc.)
Orchestrate via @babysitter. Use this skill when asked to babysit a run, orchestrate a process or whenever it is called explicitly. (babysit, babysitter, orchestrate, orchestrate a run, workflow, etc.)
Clean up .a5c/runs and .a5c/processes directories. Aggregates insights from completed/failed runs into docs/run-history-insights.md, then removes old run data and orphaned process files.
Submit feedback or contribute to babysitter project
manage babysitter plugins. use this command to see the list of installed babysitter plugins, their status, and manage them (install, update, uninstall, list from marketplace, add marketplace, configure plugin, create new plugin, etc).
Orchestrate via @babysitter. Use this skill when asked to babysit a run, orchestrate a process or whenever it is called explicitly. (babysit, babysitter, orchestrate, orchestrate a run, workflow, etc.)
| name | semantic-code-analyzer |
| description | LLM-powered semantic analysis of code diffs to detect business-logic trojans |
| allowed-tools | ["Bash","Read","Glob","Grep"] |
LLM-powered semantic analysis engine that detects business-logic trojans by comparing code intent (docstrings, function names, variable names) against actual implementation behavior.
The core detection capability of nation-state trojan detection. Traditional SAST tools check syntax; this skill checks semantics — whether the code does what it claims to do. It catches operator substitutions, logic inversions, constant manipulation, narrative camouflage, and compound self-masking attacks.
{
"type": "object",
"required": ["projectRoot", "filePath", "rawDiff"],
"properties": {
"projectRoot": {
"type": "string",
"description": "Absolute path to the project"
},
"projectName": {
"type": "string",
"description": "Project display name"
},
"filePath": {
"type": "string",
"description": "Path to the changed file"
},
"rawDiff": {
"type": "string",
"description": "Raw git diff output for this file"
},
"classification": {
"type": "string",
"description": "Change classification from git forensics (code/config/data-model/cosmetic)"
}
}
}
{
"type": "object",
"required": ["filePath", "verdict", "confidence", "findings"],
"properties": {
"filePath": { "type": "string" },
"verdict": {
"type": "string",
"enum": ["CLEAN", "SUSPICIOUS", "TROJAN_DETECTED"]
},
"confidence": {
"type": "number",
"minimum": 0,
"maximum": 100
},
"findings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"line": { "type": "number" },
"originalCode": { "type": "string" },
"modifiedCode": { "type": "string" },
"signature": { "type": "string" },
"severity": { "type": "string" },
"explanation": { "type": "string" },
"mathematicalImpact": { "type": "string" },
"blastRadius": { "type": "array", "items": { "type": "string" } },
"testEvasionReason": { "type": "string" }
}
}
},
"stealthRating": { "type": "string" }
}
}
skill: {
name: 'semantic-code-analyzer',
context: {
projectRoot: '/path/to/project',
filePath: 'backend/app/data/models.py',
rawDiff: '--- a/backend/app/data/models.py\n+++ b/...',
classification: 'data-model'
}
}
| Signature | What It Catches |
|---|---|
constant-manipulation | Threshold/limit changes that disable features |
logic-inversion | Operator flips (< to >, a/b to b/a) |
narrative-camouflage | Docstrings rewritten to match malicious code |
edge-case-exploitation | Corrupted fallback/default paths |
self-masking-compound | Multiple layers hiding each other's impact |
precision-truncation | Division operator swaps losing precision |
window-overlap-neutralization | Comparison windows narrowed until meaningless |
calibration-camouflage | ML hyperparameter degradation |
cosmetic-decoy | Formatting changes hiding semantic modifications |
nation-state-trojan-detection.js — Phase 2: Semantic Analysis (per-file)nation-state-trojan-detection.js — Phase 3: Compound Analysis (cross-file)