codeql-expert
关于
The codeql-expert skill provides expert-level guidance for CodeQL static analysis, specializing in vulnerability detection, custom query development, and security code scanning. It helps developers integrate CodeQL into CI/CD pipelines and write custom QL queries for security, quality, and compliance analysis. Use this skill when you need to perform deep static analysis, identify security vulnerabilities in multiple languages, or set up automated security scanning in your development workflow.
快速安装
Claude Code
推荐npx skills add majiayu000/claude-skill-registry -a claude-code/plugin add https://github.com/majiayu000/claude-skill-registrygit clone https://github.com/majiayu000/claude-skill-registry.git ~/.claude/skills/codeql-expert在 Claude Code 中复制并粘贴此命令以安装该技能
GitHub 仓库
Frequently asked questions
What is the codeql-expert skill?
codeql-expert is a Claude Skill by majiayu000. Skills package instructions and resources that Claude loads on demand, so Claude can perform codeql-expert-related tasks without extra prompting.
How do I install codeql-expert?
Use the install commands on this page: add codeql-expert to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does codeql-expert belong to?
codeql-expert is in the security category, tagged codeql, static-analysis, sast, vulnerability-detection and github-security.
Is codeql-expert free to use?
Yes. codeql-expert is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
相关推荐技能
这个Skill为AGENT_SUCCESS_CRITERIA环境变量提供集中化的JSON验证,通过防御性解析防止注入攻击。它确保所有21个CFN Loop代理在测试驱动开发中获得一致的错误处理。开发者只需source验证脚本即可快速集成安全的数据验证功能。
audit-expert 为开发者提供专业级安全审计和合规性评估,支持代码审查、漏洞评估及SOC 2/GDPR等法规合规检查。它结合了多种审计框架(如OWASP ASVS、NIST)和工具(包括Read/Write权限与Bash命令),适用于安全审计、代码审查和基础设施配置检查等场景。开发者可借助该Skill系统化识别安全风险,确保项目符合行业安全标准。
Audit-expert为开发者提供专业级安全审计和合规性检查,支持代码审查、漏洞评估及SOC2/GDPR等标准合规分析。它整合了OWASP ASVS、NIST等安全框架,可执行安全审计、代码审查和基础设施配置检查。开发者可用它自动化安全审查流程,快速识别代码漏洞和合规风险。
ClawShield是一个用于OpenClaw安装的安全审计工具,能扫描网关漏洞、定时任务和提示词注入模式。它通过生成JSON报告帮助开发者识别安全风险,特别适用于加固安装防护。该工具提供可视化面板和可配置的定时扫描功能,便于持续监控系统安全状态。
