codeql-semgrep
Community
Detect deep code vulnerabilities before merge.
System Documentation
What problem does it solve?
It addresses security vulnerabilities that single-pass or regex-based scanners miss by combining deep data-flow analysis (CodeQL) with structural pattern matching (Semgrep), producing actionable remediation guidance that can be enforced as a CI/CD gate.
Core Features & Use Cases
- Deep vulnerability detection with CodeQL: Traces data flow from sources (e.g., user input) to sinks (e.g., dangerous operations) to catch issues regex-based scanners often miss.
- Structural and rule-based security coverage with Semgrep: Identifies syntactic and architectural anti-patterns via custom Semgrep rules, including invariants like “auth on every route” or “no stack trace leakage.”
- Project-specific security enforcement: Lets the agent generate custom CodeQL queries and Semgrep rules tailored to your codebase patterns and security requirements, then run scans as CI/CD gates.
Use case example: An AI-assisted developer submits a PR that introduces potential SQL injection and a route missing authentication; this skill generates/uses CodeQL data-flow analysis plus Semgrep custom rules to identify both issues, deduplicate findings, prioritize them, and fail the CI gate on ERROR findings.
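One way to implement the merge, de-duplicate, prioritise and gate step from the use case above, as an added example that is not the skill's own code: it consumes CodeQL SARIF and `semgrep --json` structures, here built inline from constructed sample values (the rule ids, paths, line numbers and severities are assumptions, not real scan output).

```python
import sys
from collections import namedtuple

# Severity rank used for prioritisation: lower = more urgent.
RANK = {"ERROR": 0, "WARNING": 1, "INFO": 2}
# SARIF "level" values mapped onto Semgrep's severity vocabulary.
SARIF_LEVEL = {"error": "ERROR", "warning": "WARNING", "note": "INFO", "none": "INFO"}
Finding = namedtuple("Finding", "severity rule path line tool")

def from_sarif(doc):
    """Flatten CodeQL SARIF output (runs[].results[]) into Findings."""
    out = []
    for run in doc.get("runs", []):
        for r in run.get("results", []):
            loc = r["locations"][0]["physicalLocation"]
            out.append(Finding(SARIF_LEVEL.get(r.get("level", "warning"), "WARNING"), r["ruleId"],
                               loc["artifactLocation"]["uri"], loc["region"]["startLine"], "codeql"))
    return out

def from_semgrep(doc):
    """Flatten `semgrep --json` output (results[]) into Findings."""
    return [Finding(r["extra"]["severity"], r["check_id"], r["path"], r["start"]["line"], "semgrep")
            for r in doc.get("results", [])]

def gate(sarif, semgrep):
    """Merge both tools, de-duplicate on (path, line, rule), order by severity,
    and return (ordered findings, should_fail) where should_fail means an ERROR remains."""
    seen = {}
    for f in from_sarif(sarif) + from_semgrep(semgrep):
        key = (f.path, f.line, f.rule)
        if key not in seen or RANK[f.severity] < RANK[seen[key].severity]:
            seen[key] = f  # keep the most severe report for a duplicated location
    ordered = sorted(seen.values(), key=lambda f: (RANK[f.severity], f.path, f.line))
    return ordered, any(f.severity == "ERROR" for f in ordered)

# Constructed sample outputs standing in for real codeql / semgrep runs (not real scan data).
SAMPLE_SARIF = {"runs": [{"results": [{"ruleId": "py/sql-injection", "level": "error", "locations": [
    {"physicalLocation": {"artifactLocation": {"uri": "app/db.py"}, "region": {"startLine": 42}}}]}] * 2}]}
SAMPLE_SEMGREP = {"results": [
    {"check_id": "custom.auth-on-every-route", "path": "app/routes.py", "start": {"line": 17},
     "extra": {"severity": "ERROR"}},
    {"check_id": "custom.no-stack-trace-leak", "path": "app/errors.py", "start": {"line": 9},
     "extra": {"severity": "INFO"}}]}

if __name__ == "__main__":
    findings, fail = gate(SAMPLE_SARIF, SAMPLE_SEMGREP)
    for f in findings:
        print(f"{f.severity:7} {f.tool:7} {f.path}:{f.line} {f.rule}")
    sys.exit(1 if fail else 0)  # a non-zero exit is what fails the CI step
```

In a pipeline the two sample dicts would be replaced by `json.load` of the SARIF file CodeQL writes and the JSON file Semgrep writes; the duplicated SARIF result shows the de-duplication collapsing repeated reports of one location.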
Quick Start
Use the codeql-semgrep skill to run static security analysis on your repository and produce a prioritized remediation report from CodeQL queries and Semgrep rules.
Dependency Matrix
Required Modules
None required
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below into Claude Code.
Please help me install this Skill: Name: codeql-semgrep Download link: https://github.com/itallstartedwithaidea/agent-skills/archive/main.zip#codeql-semgrep Please download this .zip file, extract it, and install it in the .claude/skills/ directory.