Semgrep

Semgrep is a static analysis tool for finding bugs and enforcing code standards in your codebase. Developers and security engineers use it to automate code reviews and prevent security vulnerabilities. It supports many languages and integrates into existing workflows.

Official docs: https://semgrep.dev/docs

Semgrep Overview

• Scan
  • File
  • Repository
• Rule
• Configuration
• Organization
• User

Working with Semgrep

This skill uses the Membrane CLI to interact with Semgrep. Membrane handles authentication and credentials refresh automatically — so you can focus on the integration logic rather than auth plumbing.