ReddRadar
Agent skill
mutation-testing
Configures mewt or muton mutation testing campaigns — scopes targets, tunes timeouts, and optimizes long-running runs. Use when the user mentions mewt, muton, mutation testing, or wants to configure or optimize a mutation testing campaign.
Install this agent skill to your Project
npx add-skill https://github.com/trailofbits/skills/tree/main/plugins/mutation-testing/skills/mutation-testing
SKILL.md
Mutation Testing — Campaign Configuration (mewt/muton)
Note: muton and mewt share identical interfaces but target different languages — mewt for general-purpose languages (Rust, Solidity, Go, TypeScript, JavaScript), muton for TON smart contracts (Tact, Tolk, FunC). All examples use
mewtcommands, but they work exactly the same withmuton. File names change accordingly:mewt.toml→muton.toml,mewt.sqlite→muton.sqlite.
When to Use
Use this skill when the user:
- Mentions "mewt", "muton", or "mutation testing"
- Needs to configure or optimize a mutation testing campaign
- Wants to run
mewt runand needs help getting set up first
When NOT to Use
Do not use this skill when the user:
- Wants to analyze or report on completed campaign results
- Asks about tests or coverage without mentioning mutation testing
Quick Start
Load workflows/configuration.md — a 5-phase guide from mewt init to a validated, ready-to-run campaign.
General question or unfamiliar command?
Run mewt --help or mewt <subcommand> --help, then assist.
Reference Index
| File | Content |
|---|---|
| workflows/configuration.md | 5-phase guide: init, scope, optimize, validate, run |
| references/optimization-strategies.md | Per-file targeting, two-phase campaigns, mutation type filtering |
Essential Commands
# Initialize and mutate
mewt init # Create mewt.toml and mewt.sqlite
mewt mutate [paths] # Generate mutants without running tests
mewt run [paths] # Run the full campaign
# Inspect configuration and scope
mewt print config # View effective configuration
mewt print targets # Table of all targeted files
mewt print mutations --language [lang] # Available mutation types
mewt status # Mutant count and per-file breakdown
# Investigate specific mutants
mewt print mutants --target [path] # All mutants for a file
mewt print mutants --severity high # Filter by severity
mewt print mutant --id [id] # View mutated code diff
mewt test --ids [ids] # Re-test specific mutants
What Results Mean
- Caught/TestFail: Tests detected the mutation (good)
- Uncaught: Mutation survived — indicates untested logic
- Timeout: Tests took too long, inconclusive
- Skipped: A more severe mutant already failed on the same line
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
trailofbits/skills
gh-cli
Enforces authenticated gh CLI workflows over unauthenticated curl/WebFetch patterns. Use when working with GitHub URLs, API access, pull requests, or issues.
trailofbits/skills
supply-chain-risk-auditor
Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.
trailofbits/skills
zeroize-audit
Detects missing zeroization of sensitive data in source code and identifies zeroization removed by compiler optimizations, with assembly-level analysis, and control-flow verification. Use for auditing C/C++/Rust code handling secrets, keys, passwords, or other sensitive data.
trailofbits/skills
sharp-edges
Identifies error-prone APIs, dangerous configurations, and footgun designs that enable security mistakes. Use when reviewing API designs, configuration schemas, cryptographic library ergonomics, or evaluating whether code follows 'secure by default' and 'pit of success' principles. Triggers: footgun, misuse-resistant, secure defaults, API usability, dangerous configuration.
trailofbits/skills
insecure-defaults
Detects fail-open insecure defaults (hardcoded secrets, weak auth, permissive security) that allow apps to run insecurely in production. Use when auditing security, reviewing config management, or analyzing environment variable handling.
trailofbits/skills
dwarf-expert
Provides expertise for analyzing DWARF debug files and understanding the DWARF debug format/standard (v3-v5). Triggers when understanding DWARF information, interacting with DWARF files, answering DWARF-related questions, or working with code that parses DWARF data.
Didn't find tool you were looking for?