security-scanning-security-sast

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

Category: AI & Automation · 39,227 stars · 6,374 forks · Updated today · MIT license

Quality Score: 99/100

| Criterion | Weight | Score |
|---|---|---|
| Stars | 20% | 100 |
| Recency | 20% | 100 |
| Frontmatter | 20% | 70 |
| Documentation | 15% | 100 |
| Issue Health | 10% | 50 |
| License | 10% | 100 |
| Description | 5% | 100 |

Skill Content

# SAST Security Plugin

Static Application Security Testing (SAST) for comprehensive code vulnerability detection across multiple languages, frameworks, and security patterns.

## Capabilities

- **Multi-language SAST**: Python, JavaScript/TypeScript, Java, Ruby, PHP, Go, Rust
- **Tool integration**: Bandit, Semgrep, ESLint Security, SonarQube, CodeQL, PMD, SpotBugs, Brakeman, gosec, cargo-clippy
- **Vulnerability patterns**: SQL injection, XSS, hardcoded secrets, path traversal, IDOR, CSRF, insecure deserialization
- **Framework analysis**: Django, Flask, React, Express, Spring Boot, Rails, Laravel
- **Custom rule authoring**: Semgrep pattern development for organization-specific security policies

## Use this skill when

Use for code review security analysis, injection vulnerabilities, hardcoded secrets, framework-specific patterns, custom security policy enforcement, pre-deployment validation, legacy code assessment, and compliance (OWASP, PCI-DSS, SOC2).

**Specialized tools**: Use `security-secrets.md` for advanced credential scanning, `security-owasp.md` for Top 10 mapping, `security-api.md` for REST/GraphQL endpoints.

## Do not use this skill when

- You only need runtime testing or penetration testing
- You cannot access the source code or build outputs
- The environment forbids third-party scanning tools

## Instructions

1. Identify the languages, frameworks, and scope to scan.
2. Select SAST tools and configure rules for the codebase.
3. Run scans in CI or locally...

Details

- Author: sickn33
- Repository: sickn33/antigravity-awesome-skills
- Created: 4 months ago
- Last Updated: today
- Language: Python
- License: MIT
