semgrep
About
This skill enables Semgrep static analysis for fast security scanning and pattern matching in code. It helps developers find vulnerabilities, write custom YAML rules, use taint mode analysis, and integrate scanning into CI/CD pipelines. Use it when you need to perform security-focused static code analysis with Semgrep.
Quick Install
Claude Code
Recommendednpx skills add plurigrid/asi -a claude-code/plugin add https://github.com/plurigrid/asigit clone https://github.com/plurigrid/asi.git ~/.claude/skills/semgrepCopy and paste this command in Claude Code to install this skill
GitHub Repository
Related Skills
sarif-parsing
OtherThis skill parses and processes SARIF files to work with static analysis results. It helps developers aggregate findings from multiple tools, deduplicate alerts, and extract specific vulnerabilities. Use it to integrate security scan data into CI/CD pipelines or analyze scan outputs.
codeql
OtherThis skill enables CodeQL static analysis for security vulnerability detection, taint tracking, and data flow analysis. Developers should use it to analyze code, create CodeQL databases, write custom QL queries, or set up security audits in CI/CD pipelines. It's ideal for performing comprehensive security analysis on codebases.
sarif-parsing
OtherThis skill parses and processes SARIF files to work with static analysis results. It enables aggregating findings from multiple tools, deduplicating alerts, and extracting specific vulnerabilities. Use it to integrate security scan data into CI/CD pipelines or analyze scan outputs.
semgrep
OtherThis skill enables developers to run Semgrep for fast static code analysis and security vulnerability scanning. It supports writing custom YAML rules, using taint mode analysis, and integrating Semgrep into CI/CD pipelines. Use it when you need to quickly scan code for security patterns or set up automated security checks.