Does it help with compliance scanning?

Yes, it includes configurations specifically designed to audit code against standards like PCI-DSS, SOC 2, and the OWASP Top 10.

Which SAST tools does this skill support?

This skill provides comprehensive configuration guidance for Semgrep, SonarQube, and CodeQL across multiple programming languages.

How does it handle false positives in security scans?

The skill provides strategies for rule tuning, path exclusion, and organizational policy enforcement to ensure scan results are relevant and actionable.

Can I use this for CI/CD pipeline automation?

Yes, it includes ready-to-use templates and patterns for GitHub Actions, GitLab CI, and Jenkins to automate security scanning on every push.

SAST Security Configuration

Name: SAST Security Configuration
Author: HermeticOrmus

byHermeticOrmus

0•

セキュリティとテスト

Configures and optimizes Static Application Security Testing (SAST) tools to automate code vulnerability detection and enforce security standards.

The SAST Configuration skill empowers developers to implement robust Static Application Security Testing workflows using industry-standard tools like Semgrep, SonarQube, and CodeQL. It provides specialized guidance for creating custom security rules, establishing quality gates, and integrating automated scans directly into CI/CD pipelines. By automating the identification of vulnerabilities early in the development lifecycle, this skill helps teams maintain high security standards, reduce false positives, and ensure compliance with industry frameworks like OWASP, PCI-DSS, and SOC 2.

主な機能

01Quality gate configuration and compliance policy enforcement

02Custom security rule development and pattern matching

03Automated setup for Semgrep, SonarQube, and CodeQL

04Optimization strategies to reduce false positives and scan time

050 GitHub stars

06Seamless CI/CD pipeline and pre-commit hook integration

ユースケース

01Establishing a security baseline for new or existing codebases

02Automating vulnerability detection within GitHub Actions or GitLab CI

03Developing organization-specific security rules for custom frameworks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/hermetic-academy sast-configuration

For use in Claude.ai and ChatGPT

Download Skill