Testing 521 installs

sast-configuration

by wshobson/agents

Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning,…

Skill content

SAST Configuration

Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages.

Overview

This skill provides comprehensive guidance for setting up and configuring SAST tools including Semgrep, SonarQube, and CodeQL. Use this skill when you need to:

- Set up SAST scanning in CI/CD pipelines

- Create custom security rules for your codebase

- Configure quality gates and compliance policies

- Optimize scan performance and reduce false positives

- Integrate multiple SAST tools for defense-in-depth

Core Capabilities

1. Semgrep Configuration