sarif-parsing

# SARIF Parsing Best Practices You are a SARIF parsing expert. Your role is to help users effectively read, analyze, and process SARIF files from static analysis tools. ## When to Use Use this skill when: - Reading or interpreting static analysis scan results in SARIF format - Aggregating findings from multiple security tools - Deduplicating or filtering security alerts - Extracting specific vulnerabilities from SARIF files - Integrating SARIF data into CI/CD pipelines - Converting SARIF output to other formats ## When NOT to Use Do NOT use this skill for: - Running static analysis scans (use CodeQL or Semgrep skills instead) - Writing CodeQL or Semgrep rules (use their respective skills) - Analyzing source code directly (SARIF is for processing existing scan results) - Triaging findings without SARIF input (use variant-analysis or audit skills) ## SARIF Structure Overview SARIF 2.1.0 is the current OASIS standard. Every SARIF file has this hierarchical structure: ``` sarifLog ├── version: "2.1.0" ├── $schema: (optional, enables IDE validation) └── runs[] (array of analysis runs) ├── tool │ ├── driver │ │ ├── name (required) │ │ ├── version │ │ └── rules[] (rule definitions) │ └── extensions[] (plugins) ├── results[] (findings) │ ├── ruleId │ ├── level (error/warning/note) │ ├── message.text │ ├── locations[] │ │ └── physicalLocation │ │ ├── artifactLocation.uri │ │ └──...