01Automated secret detection for API keys, tokens, and hardcoded credentials
02Multi-language dependency vulnerability scanning for Node.js, Python, and Rust
03Container image and filesystem scanning using Trivy
04Compliance-focused license auditing to identify risky copyleft licenses
051 GitHub stars
06Static Application Security Testing (SAST) using Semgrep with auto-config rules
