sast-configuration
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user through installing security tools from official and well-known sources, such as fetching the Semgrep package via pip and the CodeQL extension through the GitHub CLI.
- [COMMAND_EXECUTION]: Provides standard command-line instructions for tool initialization, quality gate configuration, and automated scanning. This includes running a SonarQube Docker container and executing a local automation script (scripts/run-sast.sh).
Audit Metadata