Trail of Bits Blog
Try our new dimensional analysis Claude plugin
Trail of Bits has released a new Claude plugin for code development and auditing that applies dimensional analysis, a technique described in an earlier blog post. Unlike security skills that search for bugs directly, this plugin annotates code with dimensional types and flags mismatches between them. In testing, this approach achieved 93% recall, compared with 50% recall for baseline prompts. The plugin can be downloaded and run through the commands it provides in Claude.

Traditional security analysis skills often yield low-quality results. The dimensional-analysis plugin instead uses the LLM to catalogue the codebase's dimensional types rather than relying solely on the model's judgment to spot bugs, which makes its bug detection more accurate and reliable.

The plugin works in four phases: dimension discovery, annotation, propagation, and validation. The first phase identifies base and derived units, building a dimensional vocabulary for the codebase. The second phase annotates the codebase, assigning dimensional types to its variables, parameters, and return values. The third phase propagates those dimensions across files, and the final phase identifies and classifies dimension mismatches.

Developers should run the plugin and commit the resulting annotations, both to improve understanding of the code and to find bugs. The developers also encourage users to report any dimensional errors the plugin misses so it can be improved.
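As an added illustration of the propagate-and-validate idea (this is not the plugin's own code, which the post does not show), here is a minimal dimension checker in Python: variables carry dimension annotations of the kind the annotation phase would produce, arithmetic propagates them, and adding quantities of unlike dimensions is flagged. The annotations and expressions below are constructed sample input.

```python
# Added example, not the plugin's code. A dimension is a canonical tuple of
# (unit, exponent) pairs; e.g. wei/second is (("sec", -1), ("wei", 1)).
from typing import Dict, Tuple

Dim = Tuple[Tuple[str, int], ...]

def dim(**units: int) -> Dim:
    """Build a dimension from unit exponents, e.g. dim(wei=1, sec=-1)."""
    return tuple(sorted((u, e) for u, e in units.items() if e != 0))

def mul(a: Dim, b: Dim, sign: int = 1) -> Dim:
    """Multiply (sign=1) or divide (sign=-1) two dimensions."""
    exps: Dict[str, int] = dict(a)
    for u, e in b:
        exps[u] = exps.get(u, 0) + sign * e
    return tuple(sorted((u, e) for u, e in exps.items() if e != 0))

class DimensionMismatch(Exception):
    pass

def check(expr, env: Dict[str, Dim]) -> Dim:
    """Propagation: expr is a variable name or a tuple (op, left, right).
    Addition and subtraction require equal dimensions; * and / combine them."""
    if isinstance(expr, str):
        return env[expr]
    op, left, right = expr
    ld, rd = check(left, env), check(right, env)
    if op in "+-":
        if ld != rd:
            raise DimensionMismatch(f"{op}: {ld} vs {rd}")
        return ld
    if op == "*":
        return mul(ld, rd)
    if op == "/":
        return mul(ld, rd, -1)
    raise ValueError(f"unknown operator {op!r}")

def validate(expr, env: Dict[str, Dim]):
    """Validation: (True, dimension) if consistent, else (False, message)."""
    try:
        return True, check(expr, env)
    except DimensionMismatch as e:
        return False, str(e)

# Constructed annotations, standing in for the plugin's annotation phase.
ANNOTATIONS = {
    "balance": dim(wei=1),
    "rate": dim(wei=1, sec=-1),
    "elapsed_s": dim(sec=1),
    "elapsed_ms": dim(ms=1),  # milliseconds, a different base unit than sec
}
GOOD = ("+", "balance", ("*", "rate", "elapsed_s"))   # wei + wei -> wei
BAD = ("+", "balance", ("*", "rate", "elapsed_ms"))   # wei + wei*ms/sec: flagged
```

Running validate(BAD, ANNOTATIONS) reports the mismatch, which is the unit-confusion class of bug (seconds vs milliseconds) that the plugin is designed to surface.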