skills.homes logoskills.homescapability registry
home/categories/cicd/mukul975-anthropic-cybersecurity-skills-skills-integrating-sast-into-github-actions-pipeline-skill-md
cd ..
cicddevops

integrating-sast-into-github-actions-pipeline

This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.

Ver código fuentecicd
mukul975
maintainer
mukul975
Actualizado 4/6/2026
Estrellas
4240
Forks
464
quick start

Installation and usage

This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.

Instalación
$ install --globalskills.sh
Uso

Después de instalarlo, puedes usar este skill ejecutando el siguiente comando en tu terminal:

skills use integrating-sast-into-github-actions-pipeline