SecurityMédio

CodeQL Code Scanning

porgithub·github· v1.0.0 · atualizado em 2026-04-10

Score

Comprehensive guide for setting up and configuring CodeQL code scanning via GitHub Actions workflows and the CodeQL CLI. This skill should be used when users need help with code scanning configuration, CodeQL workflow files, CodeQL CLI commands, SARIF output, security analysis setup, or troubleshooting CodeQL analysis.

codeqlcode-scanningstatic-analysisgithub-actionssecurity-analysissarifvulnerability-detection

0Stars

0Forks

0Usos

Fork

Documento do Skill

SKILL.mdcodeql/workflow

1. Determine the setup type (default or advanced) based on the level of control needed.

2. Configure workflow triggers to define when scanning runs (e.g., push, pull request, schedule).

3. Set least-privilege permissions for the workflow.

4. Configure the language matrix to analyze each language in parallel.

5. Initialize CodeQL with the appropriate languages, build mode, and query suites.

6. Perform CodeQL analysis and upload the results.

7. For monorepos, configure the category parameter to separate SARIF results.

Telemetria de Agentes

Execuções

total

Taxa de Sucesso

últimos 30d

Latência Média

0.0s

p50

Alucinação

0.0%

detecção

Tokens Entrada

avg 0/exec

Tokens Saída

avg 0/exec

Uso por Plataforma

Skills Relacionados

Compõe com ←Secret Scanning

80%

Similar aSecurity Scanner

60%

Similar a ←Secret Scanning

60%

Co-executedSecurity Scanner

49%

Árvore do Skill

CodeQL Code Scanning

codeql

Fases Cognitivas4

1.SENSE

2.CONTEXTUALIZE

3.RECOMMEND

4.ACT

Triggers7

configure codeql code scanningsetup codeql with github actionscreate codeql workflow filerun codeql cliinterpret sarif outputtroubleshoot codeql analysisconfigure codeql for monorepo

Avaliar este Skill

Score Breakdown

⭐Avaliação Humana0%

🤖Sucesso de Agentes0%

🕐Atualidade100%

🔗Saúde de Dependências100%

🕸️Centralidade no Grafo0%

🛡️Segurança49%

CompositeScore = α·Humano + β·Agente + γ·Recência + δ·Deps + ε·Centralidade + ζ·Segurança

Instalação

$ synaptic mcp download codeql

$ synaptic skills detail codeql

$ synaptic skills live codeql

Dependências

github/codeql-action

Links

GitHub Repository