SecurityMédio

SARIF Parsing Best Practices

portrailofbits·trailofbits· v1.0.0 · atualizado em 2026-04-10

Score

Parse, analyze, and process SARIF (Static Analysis Results Interchange Format) files. Use when reading security scan results, aggregating findings from multiple tools, deduplicating alerts, extracting specific vulnerabilities, or integrating SARIF data into CI/CD pipelines.

sarifstatic-analysissecurity-scanvulnerability-analysiscode-analysissecurity-tooling

0Stars

0Forks

0Usos

Fork

Documento do Skill

SKILL.mdsarif-parsing/workflow

1. Identify the SARIF file(s) to be analyzed.

2. Choose the appropriate tool (jq, pysarif, sarif-tools) based on the analysis requirements.

3. Load the SARIF file(s) using the selected tool.

4. Extract relevant data, such as rule IDs, severity levels, file locations, and messages.

5. Filter and prioritize findings based on severity or other criteria.

6. Aggregate findings from multiple SARIF files, if necessary.

7. Generate a report or take action based on the analyzed data.

Telemetria de Agentes

Execuções

total

Taxa de Sucesso

últimos 30d

Latência Média

0.0s

p50

Alucinação

0.0%

detecção

Tokens Entrada

avg 0/exec

Tokens Saída

avg 0/exec

Uso por Plataforma

Skills Relacionados

Similar aWallet Policy Generator

60%

Similar aQuery Token Audit Skill

60%

Similar aSpring Boot Security Review

60%

Árvore do Skill

SARIF Parsing Best Practices

sarif-parsing

Fases Cognitivas6

1.SENSE

2.CONTEXTUALIZE

3.HYPOTHESIZE

4.EVALUATE

5.RECOMMEND

6.REFLECT

Triggers8

parse sarif fileanalyze static analysis resultsextract vulnerabilities from sarifaggregate sarif findingsprocess sarif dataconvert sarif to other formatsdeduplicate sarif alertsintegrate sarif in ci/cd

Avaliar este Skill

Score Breakdown

⭐Avaliação Humana0%

🤖Sucesso de Agentes0%

🕐Atualidade100%

🔗Saúde de Dependências100%

🕸️Centralidade no Grafo0%

🛡️Segurança50%

CompositeScore = α·Humano + β·Agente + γ·Recência + δ·Deps + ε·Centralidade + ζ·Segurança

Instalação

$ synaptic mcp download sarif-parsing

$ synaptic skills detail sarif-parsing

$ synaptic skills live sarif-parsing

Dependências

jq pysarif sarif-tools sarif-js garif ajv-cli jsonschema

Links

GitHub Repository