Can I use this for CI/CD automation?

Yes, it includes specific integration patterns for GitHub Actions, GitLab CI, and Jenkins to automate security scans.

What tools does this SAST skill support?

It provides comprehensive guidance and configuration templates for Semgrep, SonarQube, and CodeQL.

How does it help with false positives?

The skill offers strategies for path filtering, rule sensitivity tuning, and creating organization-specific exceptions to reduce noise.

Is custom rule creation supported?

Absolutely; it provides templates and guidance for writing custom Semgrep patterns and CodeQL queries tailored to your specific codebase.

Does it support compliance standards?

Yes, it includes configuration guidance for meeting regulatory standards like PCI-DSS and SOC 2 through automated scanning.

SAST Security Configuration

Name: SAST Security Configuration
Author: camoneart

bycamoneart

•

보안 및 테스팅

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection in application code.

This skill empowers developers and security engineers to implement robust DevSecOps practices by setting up and fine-tuning industry-standard SAST tools like Semgrep, SonarQube, and CodeQL. It provides specialized guidance for creating custom security rules, establishing automated quality gates in CI/CD pipelines, and reducing false positives, ensuring that security remains a foundational part of the development lifecycle without compromising performance.

주요 기능

01Quality gate and compliance policy configuration for PCI-DSS and SOC 2

023 GitHub stars

03Deep vulnerability research workflows using CodeQL queries

04Automated CI/CD integration for Semgrep, SonarQube, and CodeQL

05Performance optimization and false positive management strategies

06Custom security rule creation with language-specific pattern matching

사용 사례

01Setting up automated security scanning for new multi-language repositories

02Implementing DevSecOps pipelines that block builds on critical security findings

03Developing custom patterns to detect organization-specific security vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add camoneart/claude-code sast-configuration

For use in Claude.ai and ChatGPT

Download Skill