Which SAST tools does this skill support?

This skill provides configuration guidance and implementation patterns for Semgrep, SonarQube, and CodeQL.

Can I use this for CI/CD integration?

Yes, it includes specific integration patterns for GitHub Actions, GitLab CI, Jenkins, and pre-commit hooks.

How does it help with false positives?

The skill offers strategies for rule tuning, allow-listing, and path exclusion to improve scan accuracy and reduce noise.

Does it support custom security rules?

Absolutely, it includes templates and best practices for writing custom security rules tailored to your specific codebase.

Can this skill help with compliance requirements?

Yes, it assists in setting up scans focused on specific compliance frameworks like PCI-DSS and SOC 2.

SAST Security Configuration

Name: SAST Security Configuration
Author: HermeticOrmus

byHermeticOrmus

•

安全与测试

Configures and optimizes Static Application Security Testing (SAST) tools to automate vulnerability detection within the development lifecycle.

This skill empowers Claude to expertly set up and manage industry-standard SAST tools like Semgrep, SonarQube, and CodeQL. It provides specialized guidance on creating custom security rules, integrating automated scans into CI/CD pipelines, and establishing rigorous quality gates to ensure code compliance. By automating vulnerability detection early in the development process, it helps development teams reduce security-related technical debt, improve overall security posture, and maintain compliance with standards such as PCI-DSS and SOC 2.

主要功能

01CI/CD pipeline integration for GitHub, GitLab, and Jenkins

02Quality gate and compliance policy enforcement

03Custom security rule creation and pattern matching

04Multi-tool support for Semgrep, SonarQube, and CodeQL

05False positive tuning and scan performance optimization

062 GitHub stars

使用场景

01Creating custom security rules to enforce organizational coding standards

02Setting up automated security scanning for a new software project

03Implementing DevSecOps practices with integrated security gates

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add hermeticormus/libreuiux-claude-code sast-configuration

For use in Claude.ai and ChatGPT

Download Skill