How does this help with CI/CD integration?

The skill includes ready-to-use YAML templates and integration patterns for GitHub Actions, GitLab CI, and Jenkins to automate security gates.

Which programming languages are covered?

The configuration guidance covers major languages including Python, JavaScript, Go, and Java, depending on the specific SAST tool selected.

Can I use this for custom security rules?

Yes, it provides specific guidance and templates for creating custom patterns for Semgrep and vulnerability queries for CodeQL.

Does it help reduce false positives?

Yes, it includes best practices for tuning rule sensitivity, implementing allow-lists, and managing legitimate suppressions to improve scan accuracy.

What tools does this SAST skill support?

This skill provides configuration guidance for industry-leading SAST tools including Semgrep, SonarQube, and CodeQL.

SAST Security Configuration

Name: SAST Security Configuration
Author: duanbiao2000

byduanbiao2000

0•

보안 및 테스팅

Configures Static Application Security Testing (SAST) tools to automate vulnerability detection and enforce security policies within development workflows.

The SAST Configuration skill provides a comprehensive framework for implementing automated security scanning using industry-standard tools like Semgrep, SonarQube, and CodeQL. It assists developers and security engineers in establishing robust vulnerability detection systems, creating custom security rules tailored to specific codebases, and integrating security gates directly into CI/CD pipelines. This skill is ideal for teams adopting DevSecOps practices who need to reduce false positives, optimize scan performance, and ensure compliance with security standards like PCI-DSS or SOC 2.

주요 기능

01False positive tuning and scan performance optimization

02Custom security rule and pattern development guidance

03Multi-tool integration for Semgrep, SonarQube, and CodeQL

04Automated CI/CD pipeline security gate configuration

05Compliance-focused scanning templates and reporting

060 GitHub stars

사용 사례

01Integrating security checks into GitHub Actions or GitLab CI/CD workflows

02Setting up automated security scanning for a new software project

03Developing custom security rules to detect proprietary or domain-specific vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add duanbiao2000/obsidiandoc26 sast-configuration

For use in Claude.ai and ChatGPT

Download Skill