Login
Download

Skill UI

Browse and discover 9202+ curated skills
All Development Artificial Intelligence Design & Creative Product & Business Data Science Marketing Soft Skills Productivity Engineering Languages
Search Semgrep , found 13 results
Default Newest Most Downloaded

AI-Powered Code Review Specialist

performance-testing-review-ai-review
sickn33/antigravity-awesome-skills
392
A comprehensive specialist that combines automated static analysis (SonarQube, CodeQL, Semgrep) with advanced AI capabilities. This tool performs multi-layered code reviews assessing security vulnerabilities, performance bottlenecks, architectural coherence, and maintainability across various programming languages, integrating seamlessly into CI/CD pipelines.
View Details

SARIF Parsing Assistant

sarif-parsing
trailofbits/skills
492
Parses SARIF files from scanners like CodeQL or Semgrep, offering filtering, deduplication, format conversion, and CI/CD integration without running scans itself.
View Details

SAST Tool Setup and Configuration Guide

sast-configuration
sickn33/antigravity-awesome-skills
396
Provides comprehensive guidance for setting up and configuring Static Application Security Testing (SAST) tools, including Semgrep, SonarQube, and CodeQL. Learn how to integrate security scanning into CI/CD pipelines, define custom security rules, enforce quality gates, and manage compliance policies to proactively identify and remediate code vulnerabilities across multiple programming languages.
View Details

Semgrep Security Scan

semgrep
trailofbits/skills
395
Runs Semgrep static analysis with auto language detection, parallel Task subagents, Semgrep Pro checks, and configurable “run all” or “important only” modes to audit codebases for vulnerabilities and bug patterns.
View Details

Semgrep Rule Creator

semgrep-rule-creator
trailofbits/skills
272
Guides you through building custom Semgrep rules with a testing-first workflow, AST analysis, and taint-mode preference to catch vulnerabilities or bug patterns while steering clear of overly broad or unverified shortcuts.
View Details

Semgrep Rule Porting

semgrep-rule-variant-creator
trailofbits/skills
284
Ports an existing Semgrep rule into each requested language by running applicability analysis, test-first creation, AST-informed rule translation, and validation so that every target-language variant has its own rule+test directory.
View Details

Bug Variant Hunter

variant-analysis
trailofbits/skills
293
Performs pattern-driven searches for similar vulnerabilities across repositories after a known issue is found, guiding analysts through precise generalization, triage, and tool choices (ripgrep, Semgrep, CodeQL) to audit and prioritize true positives.
View Details

Semgrep Rule Creator for Static Analysis

semgrep-rule-creator
sickn33/antigravity-awesome-skills
387
This skill provides a comprehensive guide for creating production-quality custom Semgrep rules. It teaches best practices for detecting security vulnerabilities, enforcing robust coding standards, and identifying specific bug patterns. By emphasizing a test-first approach and utilizing advanced techniques like taint mode, users can write highly accurate static analysis rules that drastically reduce false positives.
View Details

Porting Security Rules Across Languages

semgrep-rule-variant-creator
sickn33/antigravity-awesome-skills
467
This skill provides a structured workflow for porting existing Semgrep security rules to multiple target languages. It guides users through applicability analysis, test-first rule creation, and validation for each language variant, ensuring consistent and accurate security coverage across polyglot codebases.
View Details

Codebase Vulnerability Variant Analysis

variant-analysis
sickn33/antigravity-awesome-skills
146
A systematic skill for identifying similar vulnerabilities and bugs across large, complex codebases. It guides the user through generalizing initial bug patterns using techniques like CodeQL and Semgrep, ensuring comprehensive security audits beyond the initially discovered flaw. Ideal for advanced security research and robust code auditing.
View Details

DevSecOps Security Scanning

implementing-devsecops-security-scanning
mukul975/Anthropic-Cybersecurity-Skills
465
Guides integrating Semgrep, Trivy, OWASP ZAP, and Gitleaks into CI/CD pipelines so teams can spot secrets and vulnerabilities early, satisfy compliance, and gate deployments with automated DevSecOps scans.
View Details

Custom Semgrep SAST Rules

implementing-semgrep-for-custom-sast-rules
mukul975/Anthropic-Cybersecurity-Skills
330
Guide for writing YAML-based Semgrep rules to detect app-specific vulnerabilities, enforce coding standards, and plug into CI/CD for continuous SAST assurance across multiple languages.
View Details
12Next
Language
简体中文
English