Testing
521 installs
sast-configuration
by wshobson/agents
Configure Static Application Security Testing (SAST) tools for automated vulnerability detection in application code. Use when setting up security scanning,…
Skill content
SAST Configuration Static Application Security Testing (SAST) tool setup, configuration, and custom rule creation for comprehensive security scanning across multiple programming languages. Overview This skill provides comprehensive guidance for setting up and configuring SAST tools including Semgrep, SonarQube, and CodeQL. Use this skill when you need to: - Set up SAST scanning in CI/CD pipelines - Create custom security rules for your codebase - Configure quality gates and compliance policies - Optimize scan performance and reduce false positives - Integrate multiple SAST tools for defense-in-depth Core Capabilities 1. Semgrep Configuration