Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

sc30gsw/vcsdd-formal-hardening

Name: vcsdd-formal-hardening
Author: sc30gsw

skills/vcsdd-formal-hardening/SKILL.md

npx skillsauth add sc30gsw/vcsdd-claude-code vcsdd-formal-hardening

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

VCSDD Formal Hardening

When to Activate

Phase 5 (formal hardening)
Writing verification harnesses
Interpreting property test failures

Tool Selection by Tier

| Tier | Rust | Python | TypeScript | |------|------|--------|------------| | 1 | proptest, cargo-fuzz | hypothesis | fast-check | | 2 | kani | (manual invariants) | (manual invariants) | | 3 | kani + CBMC | (escalate to human) | (escalate to human) |

Proof Harness Patterns

Rust - Kani (Tier 2)

#[cfg(kani)]
mod verification {
    use super::*;

    #[kani::proof]
    fn verify_parse_empty() {
        let result = parse("");
        assert!(result == Err(ParseError::Empty));
    }

    #[kani::proof]
    #[kani::unwind(10)]
    fn verify_parse_roundtrip() {
        let input: String = kani::any();
        kani::assume(input.len() < 10);
        if let Ok(parsed) = parse(&input) {
            assert_eq!(serialize(parsed), input);
        }
    }
}

Python - Hypothesis (Tier 1)

from hypothesis import given, strategies as st

@given(st.text(min_size=0, max_size=100))
def test_parse_arbitrary(s):
    result = parse(s)
    if result.is_ok():
        assert serialize(result.value) == s

TypeScript - fast-check (Tier 1)

import * as fc from 'fast-check';

test('parse roundtrip', () => {
  fc.assert(
    fc.property(fc.string({ minLength: 0, maxLength: 100 }), (s) => {
      const result = parse(s);
      if (result.ok) {
        return serialize(result.value) === s;
      }
      return true; // error cases are valid
    })
  );
});

Graceful Degradation

Always produce:

verification-report.md
security-report.md
purity-audit.md
At least one captured file under verification/security-results/

If required tool is unavailable:

Document the degradation in verification-report.md
Degrade to lower tier
Only leave an obligation as skipped when it is not required
Still run security hardening / purity audit and write their artifacts
Required obligations that remain skipped block Phase 6
Pipeline DOES NOT block if obligation is not required

sc30gsw/vcsdd-formal-hardening

skills/vcsdd-formal-hardening/SKILL.md

Use this skill during Phase 5 formal hardening. Provides tool selection, proof harness patterns, security/purity audit expectations, and verification result interpretation for Rust (Kani), Python (hypothesis), and TypeScript (fast-check).

20 stars

tools

Updated Apr 16, 2026

$ install --global

skillsauth

npx skillsauth add sc30gsw/vcsdd-claude-code vcsdd-formal-hardening

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 16, 2026, 7:35 PM12.1s1 file scanned

SKILL.md

name:: vcsdd-formal-hardening
description:: Use this skill during Phase 5 formal hardening. Provides tool selection, proof harness patterns, security/purity audit expectations, and verification result interpretation for Rust (Kani), Python (hypothesis), and TypeScript (fast-check).
origin:: VCSDD

VCSDD Formal Hardening

When to Activate

Phase 5 (formal hardening)
Writing verification harnesses
Interpreting property test failures

Tool Selection by Tier

Proof Harness Patterns

Rust - Kani (Tier 2)

#[cfg(kani)]
mod verification {
    use super::*;

    #[kani::proof]
    fn verify_parse_empty() {
        let result = parse("");
        assert!(result == Err(ParseError::Empty));
    }

    #[kani::proof]
    #[kani::unwind(10)]
    fn verify_parse_roundtrip() {
        let input: String = kani::any();
        kani::assume(input.len() < 10);
        if let Ok(parsed) = parse(&input) {
            assert_eq!(serialize(parsed), input);
        }
    }
}

Python - Hypothesis (Tier 1)

from hypothesis import given, strategies as st

@given(st.text(min_size=0, max_size=100))
def test_parse_arbitrary(s):
    result = parse(s)
    if result.is_ok():
        assert serialize(result.value) == s

TypeScript - fast-check (Tier 1)

import * as fc from 'fast-check';

test('parse roundtrip', () => {
  fc.assert(
    fc.property(fc.string({ minLength: 0, maxLength: 100 }), (s) => {
      const result = parse(s);
      if (result.ok) {
        return serialize(result.value) === s;
      }
      return true; // error cases are valid
    })
  );
});

Graceful Degradation

Always produce:

verification-report.md
security-report.md
purity-audit.md
At least one captured file under verification/security-results/

If required tool is unavailable:

Document the degradation in verification-report.md
Degrade to lower tier
Only leave an obligation as skipped when it is not required
Still run security hardening / purity audit and write their artifacts
Required obligations that remain skipped block Phase 6
Pipeline DOES NOT block if obligation is not required

Related Skills

sc30gsw/vcsdd-verification-architecture

documentation

VerifiedTrustedCommunity

Use this skill when writing Phase 1b verification architecture documents. Provides purity boundary mapping, proof obligation design, and tier assignment guidance.

20SKILL.mdUpdated Apr 16, 2026

sc30gsw/vcsdd-verification-architecture

sc30gsw/vcsdd-traceability

data-ai

VerifiedTrustedCommunity

Use this skill when creating or querying VCSDD Chainlink bead traceability. Provides bead creation patterns, chain traversal, and completeness validation.

20SKILL.mdUpdated Apr 16, 2026

sc30gsw/vcsdd-traceability

sc30gsw/vcsdd-trace

data-ai

VerifiedTrustedCommunity

Display the full traceability chain for a VCSDD bead. Traverses the Chainlink graph from the given bead ID and shows all connected artifacts with status.

20SKILL.mdUpdated Apr 16, 2026

sc30gsw/vcsdd-tdd

development

VerifiedTrustedCommunity

Run Phase 2a (test generation, Red phase) for the active VCSDD feature. Invokes vcsdd-builder to generate failing tests for all spec requirements. Records red phase evidence.

20SKILL.mdUpdated Apr 16, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/sc30gsw/vcsdd-claude-code.git

# Copy into Claude Code skills folder (global)
cp -r vcsdd-claude-code/skills/vcsdd-formal-hardening ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

sc30gsw/vcsdd-claude-code

20 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT