sast-semgrep

Description

Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.

Tool Access

Full access

Inherits all available tools

Supporting Files

8 files

Additional assets for this skill

Tool Access

This skill inherits all available tools. When active, it can use any tool Claude has access to.

Supporting Assets

assets/ci_config_examples/github-actions.yml

assets/ci_config_examples/gitlab-ci.yml

assets/ci_config_examples/jenkins.groovy

assets/rule_template.yaml

assets/semgrep_config.yaml

references/owasp_cwe_mapping.md

references/remediation_guide.md

references/rule_library.md

Links

GitHub Stats

0 forks

Updated 22 days ago

Related Skills

bash-defensive-patterns

22.8K

Master defensive Bash programming techniques for production-grade scripts. Use when writing robust shell scripts, CI/CD pipelines, or system utilities requiring fault tolerance and safety.

From shell-scripting

bats-testing-patterns

22.8K

Master Bash Automated Testing System (Bats) for comprehensive shell script testing. Use when writing tests for shell scripts, CI/CD pipelines, or requiring test-driven development of shell utilities.

From shell-scripting

shellcheck-configuration

22.8K

Master ShellCheck static analysis configuration and usage for shell script quality. Use when setting up linting infrastructure, fixing code issues, or ensuring script portability.

From shell-scripting