Install: claude install-skill rjmurillo/ai-agents
# CodeQL Scan Skill
Execute CodeQL security scans with automated language detection, database caching, and SARIF output generation.
## Quick Start
```bash
# Via Claude Code skill system
/codeql-scan
# Full scan with auto-detected languages
python3 .claude/skills/codeql-scan/scripts/invoke_codeql_scan.py --operation full
# Quick scan with cached databases
python3 .claude/skills/codeql-scan/scripts/invoke_codeql_scan.py --operation quick
# Validate configuration only
python3 .claude/skills/codeql-scan/scripts/invoke_codeql_scan.py --operation validate
```
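The scans above produce SARIF, so a typical next step is to flatten the results and gate on severity. The following is an added example, not part of this skill's scripts: it reads a SARIF 2.1.0 document and returns the findings whose rule carries a `security-severity` score at or above a threshold. The function names `findings` and `gate`, the 7.0 threshold, and the embedded sample document are assumptions made for illustration.

```python
import json

# Constructed sample in SARIF 2.1.0 shape (not output from a real scan).
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "CodeQL", "rules": [
            {"id": "py/sql-injection", "properties": {"security-severity": "8.8"}},
            {"id": "py/unused-import", "properties": {}},
        ]}},
        "results": [
            {"ruleId": "py/sql-injection", "level": "error",
             "message": {"text": "Query built from user input."},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "app/db.py"},
                 "region": {"startLine": 42}}}]},
            {"ruleId": "py/unused-import",
             "message": {"text": "Import is not used."},
             "locations": []},
        ],
    }],
})


def findings(sarif_text):
    """Flatten a SARIF document into dicts with rule, level, score, file and line."""
    out = []
    for run in json.loads(sarif_text).get("runs", []):
        tool = run.get("tool", {})
        # Rule metadata may live on the driver or on tool extensions (query packs).
        components = [tool.get("driver", {})] + tool.get("extensions", [])
        scores = {}
        for comp in components:
            for rule in comp.get("rules", []):
                raw = rule.get("properties", {}).get("security-severity")
                scores[rule.get("id")] = float(raw) if raw is not None else None
        for res in run.get("results", []):
            locs = res.get("locations") or [{}]  # results may carry no location
            phys = locs[0].get("physicalLocation", {})
            out.append({
                "rule": res.get("ruleId"),
                "level": res.get("level", "warning"),  # fallback when level is omitted
                "score": scores.get(res.get("ruleId")),
                "file": phys.get("artifactLocation", {}).get("uri"),
                "line": phys.get("region", {}).get("startLine"),
            })
    return out


def gate(sarif_text, min_score=7.0):
    """Return findings whose security-severity meets the threshold."""
    return [f for f in findings(sarif_text)
            if f["score"] is not None and f["score"] >= min_score]
```

In a pipeline, a non-empty `gate(...)` result is the condition to fail the job on; rules without a `security-severity` score are reported by `findings` but never block.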
## Triggers
- `Run CodeQL scan`
- `Check for vulnerabilities`
- `Validate CodeQL configuration`
- `Quick security scan`
- `Scan for security issues`
## Decision Tree
```text
Need CodeQL analysis?
+-- First time setup --> python3 .codeql/scripts/install_codeql.py
+-- Validate config --> invoke_codeql_scan.py --operation validate
+-- Full repository scan --> invoke_codeql_scan.py --operation full
+-- Quick scan (cached) --> invoke_codeql_scan.py --operation quick
+-- Specific language --> invoke_codeql_scan.py --operation full --languages python
+-- CI mode --> invoke_codeql_scan.py --operation full --ci
```
### When to Use Each Operation
| Operation | Use When | Performance | Output |
|-----------|----------|-------------|--------|
| `full` | First scan, major changes, pre-PR validation | 30-60s | SARIF + Console |
| `quick` | Iterative development, minor changes | 10-20s | SARI