Skills diagramming-code
install
source · Clone the upstream repo
git clone https://github.com/trailofbits/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/trailofbits/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/trailmark/skills/diagramming-code" ~/.claude/skills/trailofbits-skills-diagramming-code && rm -rf "$T"
manifest:
plugins/trailmark/skills/diagramming-code/SKILL.mdsource content
Diagramming Code
Generates Mermaid diagrams from Trailmark's code graph. A pre-made script handles Mermaid syntax generation; Claude selects the diagram type and parameters.
When to Use
- Visualizing call paths between functions
- Drawing class inheritance hierarchies
- Mapping module import dependencies
- Showing class structure with members
- Highlighting complexity hotspots with color coding
- Tracing data flow from entrypoints to sensitive functions
When NOT to Use
- Querying the graph without visualization (use the
skill)trailmark - Mutation testing triage (use the
skill)genotoxic - Architecture diagrams not derived from code (draw by hand)
Prerequisites
trailmark must be installed. If
uv run trailmarkuv pip install trailmark
DO NOT fall back to hand-writing Mermaid from source code reading. The script uses Trailmark's parsed graph for accuracy. If installation fails, report the error to the user.
Quick Start
uv run {baseDir}/scripts/diagram.py \ --target {targetDir} --type call-graph \ --focus main --depth 2
Output is raw Mermaid text. Wrap in a fenced code block:
```mermaid flowchart TB ... ```
Diagram Types
├─ "Who calls what?" → --type call-graph ├─ "Class inheritance?" → --type class-hierarchy ├─ "Module dependencies?" → --type module-deps ├─ "Class members and structure?" → --type containment ├─ "Where is complexity highest?" → --type complexity └─ "Path from input to function?" → --type data-flow
For detailed examples of each type, see references/diagram-types.md.
Workflow
Diagram Progress: - [ ] Step 1: Verify trailmark is installed - [ ] Step 2: Identify diagram type from user request - [ ] Step 3: Determine focus node and parameters - [ ] Step 4: Run diagram.py script - [ ] Step 5: Verify output is non-empty and well-formed - [ ] Step 6: Embed diagram in response
Step 1: Run
uv run trailmark analyze --summary {targetDir}from trailmark.query.api import QueryEngine engine = QueryEngine.from_directory("{targetDir}", language="{lang}") engine.preanalysis()
Pre-analysis enriches the graph with blast radius, taint propagation, and privilege boundary data used by
data-flowStep 2: Match the user's request to a
--typeStep 3: For
call-graphdata-flow--depth 2--direction LRStep 4: Run the script and capture stdout.
Step 5: Check: output starts with
flowchartclassDiagramStep 6: Wrap output in
```mermaid ```Script Reference
uv run {baseDir}/scripts/diagram.py [OPTIONS]
| Argument | Short | Default | Description |
|---|---|---|---|
| | required | Directory to analyze |
| | | Source language |
| | required | Diagram type (see above) |
| | none | Center diagram on this node |
| | | BFS traversal depth |
| | Layout: | |
| | Min complexity for |
Examples
# Call graph centered on a function uv run {baseDir}/scripts/diagram.py -t src/ -T call-graph -f parse_file # Class hierarchy for a Rust project uv run {baseDir}/scripts/diagram.py -t src/ -l rust -T class-hierarchy # Module dependency map, left-to-right uv run {baseDir}/scripts/diagram.py -t src/ -T module-deps --direction LR # Class members uv run {baseDir}/scripts/diagram.py -t src/ -T containment # Complexity heatmap (threshold 5) uv run {baseDir}/scripts/diagram.py -t src/ -T complexity --threshold 5 # Data flow from entrypoints to a specific function uv run {baseDir}/scripts/diagram.py -t src/ -T data-flow -f execute_query
Customization
Direction: Use
TBLRDepth: Increase
--depthFocus: Always use
--focuscall-graphdata-flowSupporting Documentation
- references/diagram-types.md - Detailed docs and Mermaid examples for each diagram type
- references/mermaid-syntax.md - ID sanitization, escaping, style definitions, and common pitfalls