implementing-semgrep-for-custom-sast-rules


Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards, and integrate into CI/CD pipelines.

AI & Automation 13,115 stars 1533 forks Updated today Apache-2.0


Skill Content

# Implementing Semgrep for Custom SAST Rules

## Overview

Semgrep is an open-source static analysis tool that uses pattern matching over a parsed representation of the code to find bugs, enforce coding standards, and detect security vulnerabilities. Custom rules are written in YAML using Semgrep's pattern syntax, which looks like the target language itself with metavariables (`$X`) and ellipses (`...`) as wildcards, so rule authors do not need compiler or AST knowledge. It supports 30+ languages including Python, JavaScript, Go, Java, and C. The open-source engine analyses one file at a time; cross-file and cross-function dataflow require Semgrep's commercial engine, so keep that limit in mind when a rule depends on where a value came from.

## When to Use

- When the registry rules miss an application-specific vulnerability pattern, such as an in-house API or sink that must be called safely
- When enforcing coding standards, for example banning an unsafe function or requiring a vetted wrapper
- When adding fast, deterministic SAST checks to a CI/CD pipeline
- When a security assessment needs every occurrence of a finding located across a codebase

## Prerequisites

- Python 3.8+ or Docker
- Semgrep CLI installed
- Target codebase in a supported language

## Installation

```bash
# Install via pip
pip install semgrep

# Install via Homebrew
brew install semgrep

# Run via Docker (returntocorp/semgrep is the legacy image name; semgrep/semgrep is the current one)
docker run -v "${PWD}:/src" returntocorp/semgrep semgrep --config auto /src

# Verify
semgrep --version
```

## Running Semgrep

```bash
# Auto-detect rules for your code (fetches rules from the Semgrep registry, so it needs network access;
# use local rule files for offline scans)
semgrep --config auto .

# Use Semgrep registry rules
semgrep --config r/python.lang.security .

# Use custom rule file
semgrep --config my-rules.yaml .

# Use multiple configs
semgrep --config auto --config ./custom-rules/ .

# JSON output
semgrep --config auto --json . > results.json

# SARIF output for GitHub
semgrep --config auto --sarif . > resu...
```
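The overview says custom rules are YAML patterns that read like the target language, and the Running Semgrep section shows how a rule file is fed to the scanner. The script below is an added example, neither part of this skill nor code from the Semgrep project: it writes a rule that flags `subprocess` calls using `shell=True` with a command that is not a string literal, writes the matching test file with Semgrep's `# ruleid:` / `# ok:` annotations, validates and tests the rule, then scans the file with `--json`. The rule id, file names, CWE metadata and the sample Python target are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the skill or the Semgrep project): scaffold a custom
# Semgrep rule with its test file, validate it, run the rule's own tests, and
# scan a target with JSON output. Rule id, file names, metadata and the sample
# Python target are assumptions chosen for illustration.
set -e

# write_rule_and_test DIR: writes DIR/subprocess-shell-true.yaml (the rule) and
# DIR/subprocess-shell-true.py (its test file). Semgrep's test mode pairs a rule
# file with a test file of the same basename and checks that every line marked
# "# ruleid:" is reported and every line marked "# ok:" is not.
write_rule_and_test() {
  local dir="$1"
  mkdir -p "$dir"
  cat > "$dir/subprocess-shell-true.yaml" <<'EOF'
rules:
  - id: subprocess-shell-true-dynamic-command
    languages: [python]
    severity: ERROR
    message: >-
      subprocess.$FUNC is called with shell=True and a command that is not a
      string literal, so untrusted input can reach the shell (CWE-78). Pass an
      argument list without shell=True, or quote untrusted parts with shlex.quote().
    metadata:
      cwe: "CWE-78: Improper Neutralization of Special Elements used in an OS Command"
      category: security
      confidence: MEDIUM
    patterns:
      # Positive match: any subprocess call that enables the shell. The two
      # ellipses let shell=True appear at any position among the arguments.
      - pattern: subprocess.$FUNC($CMD, ..., shell=True, ...)
      # Restrict $FUNC to the process-spawning functions.
      - metavariable-regex:
          metavariable: $FUNC
          regex: ^(run|call|check_call|check_output|Popen)$
      # Exclude a constant command: "..." matches any string literal, so
      # concatenation, %-formatting, .format() and plain variables are still reported.
      - pattern-not: subprocess.$FUNC("...", ..., shell=True, ...)
EOF
  cat > "$dir/subprocess-shell-true.py" <<'EOF'
import subprocess


def list_dir(d):
    # ruleid: subprocess-shell-true-dynamic-command
    subprocess.run("ls " + d, shell=True)
    # ruleid: subprocess-shell-true-dynamic-command
    subprocess.check_output("ls %s" % d, shell=True)
    # ruleid: subprocess-shell-true-dynamic-command
    subprocess.Popen("ls {}".format(d), shell=True)
    cmd = "ls " + d
    # ruleid: subprocess-shell-true-dynamic-command
    subprocess.call(cmd, shell=True)
    # ok: subprocess-shell-true-dynamic-command
    subprocess.run(["ls", d])
    # ok: subprocess-shell-true-dynamic-command
    subprocess.run("ls -la", shell=True)
EOF
}

# run_semgrep_checks DIR: validates the rule syntax, runs the rule against its
# annotated test file, then scans that file as an ordinary target and prints
# the number of findings from the JSON output. Skips cleanly when semgrep is
# not installed so the scaffolding step can still be used on its own.
run_semgrep_checks() {
  local dir="$1"
  if ! command -v semgrep >/dev/null 2>&1; then
    echo "semgrep not installed (pip install semgrep); skipping checks" >&2
    return 0
  fi
  semgrep --validate --config "$dir/subprocess-shell-true.yaml"
  semgrep --test "$dir"
  semgrep --config "$dir/subprocess-shell-true.yaml" --metrics=off --json --quiet \
    "$dir/subprocess-shell-true.py" \
    | python3 -c 'import json, sys; print(len(json.load(sys.stdin)["results"]), "findings")'
}

# Usage: sh this_script.sh DIR  (writes the rule and test file into DIR, then runs the checks)
if [ "$#" -gt 0 ]; then
  write_rule_and_test "$1"
  run_semgrep_checks "$1"
else
  echo "usage: $0 DIR" >&2
fi
```

The test file is the part most custom rules skip and most need: a rule with no `# ruleid:` / `# ok:` cases silently over- or under-matches once the codebase changes, whereas `semgrep --test` fails the build as soon as an expected line is missed or a safe line is flagged, so the rule and its tests can live in the same `custom-rules/` directory that the multi-config command above points at.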

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

Testing & QA Solid

sast-semgrep

Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.

335 Updated today
aiskillstore
AI & Automation Featured

semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

39,350 Updated today
sickn33
Web & Frontend Listed

semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

0 Updated 1 months ago
jessicascruz
Web & Frontend Listed

semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

0 Updated 2 months ago
scapilix
Web & Frontend Solid

semgrep-rule-creator

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

5,501 Updated 4 days ago
trailofbits