By wshobson
Configure and run SAST tools (Semgrep, SonarQube, CodeQL) for automated vulnerability detection in application code, with support for custom rules, CI/CD integration, quality gates, and false positive triage
Own this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimOwn this plugin?
Verify ownership to unlock analytics, metadata editing, and a verified badge. GitHub access is read-only (username + org membership).
Sign in to claimBased on adoption, maintenance, documentation, and repository signals. Not a security audit or endorsement.
npx claudepluginhub p/wshobson-wshobson-sast-configuration-plugins-security-scanning-skills-sast-configurationDependency auditing, version management, and security vulnerability scanning
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Database architecture, schema design, and SQL optimization for production systems
ML model training pipelines, hyperparameter tuning, model deployment automation, experiment tracking, and MLOps workflows
ETL pipeline construction, data warehouse design, batch processing workflows, and data-driven feature development
SAST analysis, dependency vulnerability scanning, OWASP Top 10 compliance, container security scanning, and automated security hardening
Agentic-Security is a powerful Claude Code plugin that automatically performs Application Security Testing (SAST, SCA, secrets detection, and more). Think of it as the easy button for making your Claude-generated code safe and secure.
OpenText Fortify AppSec skills. Use for SAST/DAST/SCA scanning, vulnerability triage, audit workflows, CI/CD pipeline integration, and FCLI commands. Supports Fortify on Demand (FoD) and Software Security Center (SSC).
Security scanning, dependency CVE audits, and exposure-aware risk prioritization.
Aikido Security for Claude Code: scan code (SAST, secrets, IaC) and list all issues from your Aikido feed powered by the Aikido MCP server.
Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection