sast-analyzer (Solid)

Static Application Security Testing orchestration and analysis. Execute Semgrep, Bandit, ESLint security plugins, CodeQL, and other SAST tools. Parse, prioritize, and deduplicate findings across multiple tools with remediation guidance.

Category: AI & Automation | 1,160 stars | 71 forks | Updated today | License: MIT


Quality Score: 96/100

| Criterion | Weight | Score |
| --- | --- | --- |
| Stars | 20% | 100 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 50 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# sast-analyzer

You are **sast-analyzer** - a specialized skill for Static Application Security Testing (SAST) orchestration and analysis. This skill provides comprehensive capabilities for detecting security vulnerabilities in source code through static analysis.

## Overview

This skill enables AI-powered SAST including:

- Semgrep security rule execution and custom rule creation
- Bandit Python security analysis
- ESLint security plugin scanning for JavaScript/TypeScript
- CodeQL advanced semantic analysis
- Multi-tool result aggregation and deduplication
- OWASP and CWE mapping for findings
- Prioritized remediation guidance

## Prerequisites

- Source code repository to scan
- CLI tools installed: semgrep, bandit, eslint, codeql (as needed)
- Node.js/npm for ESLint plugins
- Python for Bandit

## Capabilities

### 1. Semgrep Security Scanning

Execute Semgrep with comprehensive security rulesets:

```bash
# Run with auto config (detects languages).
# Note: --config auto fetches rules from the Semgrep Registry and sends metrics
# to Semgrep; pin named packs or use local rules where that is not acceptable.
semgrep scan --config auto --json > semgrep-results.json

# Run OWASP Top 10 rules
semgrep scan --config "p/owasp-top-ten" --json

# Run language-specific security rules
semgrep scan --config "p/python" --config "p/security-audit" .

# Run with custom rules
semgrep scan --config ./custom-rules/ --json

# CI-friendly output with SARIF
semgrep scan --config auto --sarif -o results.sarif

# Scan specific paths
semgrep scan --config auto --include="src/**" --exclude="**/test/**"
```

#### Semgrep Rule Packs

| Pack | Description | ...
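The overview promises multi-tool aggregation, deduplication, OWASP/CWE mapping and prioritization but the page shows none of that logic. The following is an added example written for this page, not code from the sast-analyzer skill or the a5c-ai/babysitter repository. It normalizes Semgrep `--json` and Bandit `-f json` output into one finding shape, merges findings that two tools report at the same file, line and CWE, fills in an OWASP category where a tool supplies none, and orders the result for triage. Assumptions: the JSON field names (`results[].extra.metadata.cwe`, `results[].issue_cwe.id`, and so on) follow the two tools' output formats as documented at the time of writing and should be checked against the installed versions; the two JSON documents are constructed samples, not real scan output; `CWE_TO_OWASP` is an illustrative subset of the OWASP Top 10 (2021) mapping, not a complete table.

```python
import json
import re
from dataclasses import dataclass, field
from typing import Optional

# One severity ladder for every tool after normalization.
SEVERITY_RANK = {"HIGH": 3, "MEDIUM": 2, "LOW": 1, "INFO": 0}
# Semgrep reports ERROR/WARNING/INFO; Bandit already uses HIGH/MEDIUM/LOW.
SEMGREP_SEVERITY = {"ERROR": "HIGH", "WARNING": "MEDIUM", "INFO": "LOW"}
CWE_RE = re.compile(r"CWE-(\d+)")
# Illustrative CWE -> OWASP Top 10 (2021) subset (assumption: extend it for your rule set);
# used when a tool supplies no OWASP category, which Bandit does not.
CWE_TO_OWASP = {78: "A03:2021 - Injection", 89: "A03:2021 - Injection",
                259: "A07:2021 - Identification and Authentication Failures"}

@dataclass
class Finding:
    path: str
    line: int
    severity: str
    cwe: Optional[int]
    owasp: Optional[str]
    message: str
    sources: list = field(default_factory=list)  # "tool:rule_id" entries that reported it

    def key(self) -> tuple:
        # Same file, same line, same CWE is one underlying issue whichever tool saw it.
        # Without a CWE, fall back to the rule id so unrelated findings never merge.
        return (self.path, self.line, f"CWE-{self.cwe}" if self.cwe else self.sources[0])

def parse_semgrep(text: str) -> list:
    """Normalize `semgrep scan --json` output; results[].extra.metadata carries cwe/owasp."""
    out = []
    for r in json.loads(text)["results"]:
        meta = r["extra"].get("metadata", {})
        cwe_field = meta.get("cwe", [])  # registry rules use a string or a list of strings
        cwe_text = " ".join(cwe_field) if isinstance(cwe_field, list) else str(cwe_field)
        m = CWE_RE.search(cwe_text)
        cwe = int(m.group(1)) if m else None
        owasp_field = meta.get("owasp")
        owasp = owasp_field[0] if isinstance(owasp_field, list) and owasp_field else owasp_field
        out.append(Finding(r["path"], r["start"]["line"],
                           SEMGREP_SEVERITY.get(r["extra"]["severity"], "LOW"),
                           cwe, owasp or CWE_TO_OWASP.get(cwe), r["extra"]["message"],
                           [f"semgrep:{r['check_id']}"]))
    return out

def parse_bandit(text: str) -> list:
    """Normalize `bandit -f json` output; results[].issue_cwe.id carries the CWE."""
    out = []
    for r in json.loads(text)["results"]:
        cwe = (r.get("issue_cwe") or {}).get("id")
        out.append(Finding(r["filename"], r["line_number"], r["issue_severity"].upper(),
                           cwe, CWE_TO_OWASP.get(cwe), r["issue_text"],
                           [f"bandit:{r['test_id']}"]))
    return out

def dedupe(findings: list) -> list:
    """Collapse findings sharing a key; keep the highest severity and every source."""
    merged = {}
    for f in findings:
        kept = merged.get(f.key())
        if kept is None:
            merged[f.key()] = f
            continue
        kept.sources.extend(f.sources)
        if SEVERITY_RANK.get(f.severity, 0) > SEVERITY_RANK.get(kept.severity, 0):
            kept.severity = f.severity
        kept.owasp = kept.owasp or f.owasp
    return list(merged.values())

def prioritize(findings: list) -> list:
    """Highest severity first; corroboration by more tools breaks ties; then file order."""
    return sorted(findings, key=lambda f: (-SEVERITY_RANK.get(f.severity, 0),
                                           -len(f.sources), f.path, f.line))

# Constructed sample outputs in the two tools' JSON shapes (not real scan results).
SEMGREP_JSON = json.dumps({"results": [
    {"check_id": "python.lang.security.audit.formatted-sql-query.formatted-sql-query",
     "path": "app/db.py", "start": {"line": 12, "col": 5}, "end": {"line": 12, "col": 60},
     "extra": {"severity": "WARNING", "message": "Detected possible formatted SQL query.",
               "metadata": {"cwe": ["CWE-89: SQL Injection"], "owasp": ["A03:2021 - Injection"]}}},
    {"check_id": "python.lang.security.audit.subprocess-shell-true.subprocess-shell-true",
     "path": "app/tasks.py", "start": {"line": 30, "col": 5}, "end": {"line": 30, "col": 40},
     "extra": {"severity": "ERROR", "message": "subprocess call with shell=True.",
               "metadata": {"cwe": "CWE-78: OS Command Injection"}}}], "errors": []})
BANDIT_JSON = json.dumps({"results": [
    {"filename": "app/db.py", "line_number": 12, "test_id": "B608", "issue_severity": "MEDIUM",
     "issue_confidence": "LOW", "issue_text": "Possible SQL injection vector through string-based query construction.",
     "issue_cwe": {"id": 89, "link": "https://cwe.mitre.org/data/definitions/89.html"}},
    {"filename": "app/config.py", "line_number": 4, "test_id": "B105", "issue_severity": "LOW",
     "issue_confidence": "MEDIUM", "issue_text": "Possible hardcoded password: 'changeme'",
     "issue_cwe": {"id": 259, "link": "https://cwe.mitre.org/data/definitions/259.html"}}],
    "errors": []})

def triage(semgrep_text: str = SEMGREP_JSON, bandit_text: str = BANDIT_JSON) -> list:
    return prioritize(dedupe(parse_semgrep(semgrep_text) + parse_bandit(bandit_text)))

if __name__ == "__main__":
    for f in triage():
        print(f"{f.severity:<6} {f.path}:{f.line} CWE-{f.cwe} {f.owasp} <- {', '.join(f.sources)}")
```

In a pipeline you would call `triage()` with the contents of the real `semgrep-results.json` and the Bandit JSON file. The merge key is deliberately coarse (path, line, CWE) because Semgrep's per-result `extra.fingerprint` has no Bandit counterpart; the four raw findings in the sample collapse to three, with the SQL injection at `app/db.py:12` credited to both tools and ranked above the single-tool LOW hit. Tune `SEVERITY_RANK` and the tie-break if your triage policy weights tool confidence differently.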

Details

Author: a5c-ai
Repository: a5c-ai/babysitter
Created: 4 months ago
Last Updated: today
Language: JavaScript
License: MIT

Similar Skills

Semantically similar based on skill content, not just the same category.

sast-semgrep (Testing & QA, Solid) by aiskillstore (335, updated today)
Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.

sast-configuration (AI & Automation, Featured) by sickn33 (39,350, updated today)
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.

sast-configuration (AI & Automation, Solid) by wshobson (36,222, updated today)
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.

sast-configuration (Testing & QA, Featured) by davila7 (27,705, updated today)
Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.

sast-configuration (Testing & QA, Listed) by aiskillstore (335, updated today)
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning, implementing DevSecOps practices, or automating code vulnerability detection.