security-scanning
Installation
SKILL.md
Security Scanning
Run static analysis, dependency audits, secret detection, and container scanning.
Static Analysis (SAST)
Semgrep — find code-level vulnerabilities
# Scan current directory with auto-detected rules
semgrep scan --config auto .
# Scan with OWASP top 10 rules
semgrep scan --config "p/owasp-top-ten" .
# Scan specific language
semgrep scan --config "p/python" src/