semgrep
Semgrep is a fast, lightweight static analysis tool for finding bugs, security vulnerabilities, and enforcing code standards across a codebase. The agent should use this skill when asked to run static analysis, scan code for security issues, detect code patterns or anti-patterns, write or test custom Semgrep rules, set up SAST in CI/CD pipelines, triage scan findings, suppress false positives, or perform a rapid security audit without building the project.
Installation and usage
Semgrep is a fast, lightweight static analysis tool for finding bugs, security vulnerabilities, and enforcing code standards across a codebase. The agent should use this skill when asked to run static analysis, scan code for security issues, detect code patterns or anti-patterns, write or test custom Semgrep rules, set up SAST in CI/CD pipelines, triage scan findings, suppress false positives, or perform a rapid security audit without building the project.
설치 후 터미널에서 다음 명령을 실행하여 이 스킬을 사용할 수 있습니다:
skills use semgrep