x-run-sast

Community

Run SAST scans across languages and report SARIF.

Author: edercnj
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Static Application Security Testing (SAST) analyzes source code to identify security vulnerabilities, coding errors, and compliance gaps without running the application, helping teams find issues early.

Core Features & Use Cases

  • Automatically select the appropriate scanner based on the project's build tool and language (SpotBugs/FindSecBugs, Bandit, ESLint security, gosec) with Semgrep as a universal fallback.
  • Produce SARIF 2.1.0 output mapped to OWASP Top 10 with CWE identifiers, plus a Markdown summary report for quick remediation.
  • Use in CI or local workflows to scan Java, Python, JavaScript/TypeScript, Go, and Rust projects, and integrate with code review and security dashboards.

Quick Start

Invoke /x-run-sast in your Claude Code chat to start a full SAST scan of your project.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Copy and paste the text below into Claude Code.

Please help me install this Skill:
Name: x-run-sast
Download link: https://github.com/edercnj/ia-dev-environment/archive/main.zip#x-run-sast

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.