sarif-tools
Community
Process and analyze SARIF security scan results.
Software Engineering
#code quality #static analysis #reporting #vulnerability management #security scanning #sarif
Author: igbuend
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill streamlines the management and analysis of SARIF (Static Analysis Results Interchange Format) files, making it easier to consolidate, report on, and act upon security scan findings.
Core Features & Use Cases
- Consolidation: Merge SARIF outputs from multiple security tools into a single file.
- Reporting: Generate human-readable reports (CSV, HTML, Word) and machine-readable formats (Code Climate JSON).
- Analysis: Diff scan results between builds to identify regressions, add git blame information for context, and filter findings based on various criteria.
- Use Case: After running multiple SAST tools on your codebase, use this Skill to combine all their SARIF outputs, generate an HTML report, and then diff the current results against the previous build's baseline to quickly spot new vulnerabilities.
Quick Start
Use the sarif-tools skill to generate a CSV report of all findings from the './sarif-output/' directory.
Dependency Matrix
Required Modules
sarif-tools
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: sarif-tools Download link: https://github.com/igbuend/grimbard/archive/main.zip#sarif-tools Please download this .zip file, extract it, and install it in the .claude/skills/ directory.