Does it help with reducing false positives?

Yes, the skill provides specific strategies for rule optimization, exclusion patterns, and noise reduction to improve scan accuracy.

Can I use this for CI/CD integration?

Yes, it includes templates and patterns for integrating security scans into GitHub Actions, GitLab CI, and Jenkins pipelines.

What tools does this skill support?

This skill provides specialized configuration guidance and automation patterns for Semgrep, SonarQube, and CodeQL.

Is it suitable for enterprise security compliance?

Absolutely. It covers quality gate settings and rulesets for major compliance standards like PCI-DSS and SOC 2.

SAST Security Configuration

Name: SAST Security Configuration
Author: amurata

byamurata

•

セキュリティとテスト

Configures and optimizes Static Application Security Testing (SAST) tools for automated vulnerability detection across multiple programming languages.

This skill provides comprehensive guidance for setting up and fine-tuning industry-leading SAST tools like Semgrep, SonarQube, and CodeQL. It enables developers to integrate security scanning into CI/CD pipelines, create custom security rules, manage false positives, and maintain high code quality standards. Whether you are establishing a security baseline for a new project or optimizing an existing DevSecOps workflow, this skill helps automate the detection of vulnerabilities and ensures compliance with security best practices.

主な機能

01Custom rule creation for Semgrep, SonarQube, and CodeQL

02CI/CD pipeline integration for automated security gates

03False positive management and scan performance optimization

043 GitHub stars

05Support for multi-language security scanning and analysis

06Implementation of DevSecOps best practices and compliance policies

ユースケース

01Setting up an automated security scanning pipeline for a new web application.

02Optimizing SonarQube quality gates to reduce technical debt and security hotspots.

03Writing custom Semgrep rules to detect organization-specific code patterns.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add amurata/cc-tools sast-configuration

For use in Claude.ai and ChatGPT

Download Skill