Agent skill

detecting-use-after-free

Detects use-after-free vulnerabilities by identifying pointer dereferences after memory deallocation. Use when analyzing memory management, cleanup code, or investigating dangling pointer issues.

View SKILL.md on GitHub Repository
Stars 163
Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/development/detecting-use-after-free

SKILL.md

Use-After-Free Detection

Detection Workflow

  1. Identify free operations: Find all free(), realloc(), delete calls and note the pointer being freed
  2. Trace pointer usage: Use xrefs_to to find all dereferences of the pointer
  3. Check control flow: Analyze paths through code to identify usage after free
  4. Assess exploitability: Can attacker control freed memory? Is there a useful use-after-free? Can memory be reallocated?

Key Patterns

  • Pointer dereference after free()
  • Double free vulnerabilities
  • Invalid pointer access after realloc()
  • Reference counting issues

Output Format

Report with: id, type, subtype, severity, confidence, location, freed pointer, free operation, use operation, use-after-free status, distance, exploitability, attack scenario, impact, mitigation.

Severity Guidelines

  • CRITICAL: Use-after-free with code execution
  • HIGH: Use-after-free with data corruption
  • MEDIUM: Use-after-free causing crashes
  • LOW: Use-after-free with limited impact

See Also

  • patterns.md - Detailed detection patterns and exploitation scenarios
  • examples.md - Example analysis cases and code samples
  • references.md - CWE references and mitigation strategies

Recommended Agent Skills

Expand your agent's capabilities with these related and highly-rated skills.

majiayu000/claude-skill-registry

agent-ops-spec

Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.

163 31
Explore
majiayu000/claude-skill-registry

agent-ops-state

Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.

163 31
Explore
majiayu000/claude-skill-registry

agent-ops-spec

Manage specification documents in .agent/specs/. Use when user provides requirements, acceptance criteria, or feature descriptions that need to be tracked and validated against implementation.

163 31
Explore
majiayu000/claude-skill-registry

agent-ops-testing

Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.

163 31
Explore
majiayu000/claude-skill-registry

agent-ops-testing

Test strategy, execution, and coverage analysis. Use when designing tests, running test suites, or analyzing test results beyond baseline checks.

163 31
Explore
majiayu000/claude-skill-registry

agent-ops-state

Maintain .agent state files. Use at session start, after meaningful steps, and before concluding: read/update constitution/memory/focus/issues/baseline consistently.

163 31
Explore

Didn't find tool you were looking for?

Be as detailed as possible for better results