关于
This skill parses and processes SARIF files to work with static analysis results. It enables aggregating findings from multiple tools, deduplicating alerts, and extracting specific vulnerabilities. Use it to integrate security scan data into CI/CD pipelines or analyze scan outputs.
快速安装
Claude Code
推荐npx skills add plurigrid/asi -a claude-code/plugin add https://github.com/plurigrid/asigit clone https://github.com/plurigrid/asi.git ~/.claude/skills/sarif-parsing在 Claude Code 中复制并粘贴此命令以安装该技能
GitHub 仓库
Frequently asked questions
What is the sarif-parsing skill?
sarif-parsing is a Claude Skill by plurigrid. Skills package instructions and resources that Claude loads on demand, so Claude can perform sarif-parsing-related tasks without extra prompting.
How do I install sarif-parsing?
Use the install commands on this page: add sarif-parsing to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does sarif-parsing belong to?
sarif-parsing is in the static-analysis category, tagged data.
Is sarif-parsing free to use?
Yes. sarif-parsing is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
相关推荐技能
这个Skill让开发者能直接通过Claude运行Semgrep静态分析工具,快速扫描代码安全漏洞和进行模式匹配。它支持编写自定义YAML规则、使用污点分析模式,并能协助设置CI/CD流水线中的自动化扫描。特别适合需要在开发过程中快速发现安全问题和集成安全扫描的开发者。
该Skill能解析和处理SARIF格式文件,用于读取安全扫描结果、聚合多工具发现并去重告警。它支持提取特定漏洞数据,并能将SARIF数据集成到CI/CD流程中。开发者可用它统一处理静态分析结果,实现安全报告的自动化管理。
这个Skill让开发者能够使用CodeQL进行静态安全分析,包括漏洞检测、污点追踪和数据流分析。它适用于创建CodeQL数据库、编写自定义QL查询、执行安全审计以及在CI/CD流水线中集成CodeQL。由Trail of Bits开发,为代码安全分析提供了专业级的自动化工具。
这个Skill让开发者能够使用CodeQL进行静态安全分析,包括漏洞检测、污点跟踪和数据流分析。它适用于创建CodeQL数据库、编写自定义QL查询以及执行安全审计。开发者还可以借助它来设置CI/CD管道中的CodeQL集成。
