sast-config
Community
Optimize SAST setup for comprehensive security coverage.
Author: do360now
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps security teams review and improve their static application security testing (SAST) configurations, ensuring optimal detection of vulnerabilities aligned with industry standards.
Core Features & Use Cases
- Configuration Discovery: Identifies SAST tools, rule sets, and CI integration points within repositories.
- Coverage Analysis: Maps active rules against CWE Top 25 to identify security gaps.
- Rule Assessment: Reviews and suggests best practices for Semgrep and CodeQL rules, including authoring and suppression strategies.
- Automation Planning: Provides guidance on integrating SAST into CI/CD pipelines for continuous security monitoring.
- Use Case: A security analyst can perform a quick assessment of a new codebase's SAST coverage and identify critical vulnerability detection gaps.
Quick Start
Run the analysis script to evaluate your existing SAST configurations and coverage for your project.
Dependency Matrix
Required Modules
semgrep, codeql, json
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: sast-config
Download link: https://github.com/do360now/security-agents/archive/main.zip#sast-config
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.