DevOpsMédio

Semgrep

portrailofbits·trailofbits· v1.0.0 · atualizado em 2026-04-10

Score

static-analysiscode-scanningsecuritycode-qualitydevsecopsbug-detection

0Stars

0Forks

0Usos

Fork

Documento do Skill

SKILL.mdsemgrep/workflow

1. Install Semgrep using pip, Homebrew, or Docker.

2. Run an initial scan with `semgrep --config auto` to detect common issues.

3. Select targeted rulesets from the Semgrep Registry based on language and security focus.

4. Review and triage results, filtering by severity and using SARIF or JSON output formats.

5. Configure ignored files and directories using a `.semgrepignore` file.

6. Write custom rules in YAML to detect project-specific patterns and vulnerabilities.

7. Integrate Semgrep into CI/CD pipelines to automate code scanning for each commit.

Telemetria de Agentes

Execuções

total

Taxa de Sucesso

últimos 30d

Latência Média

0.0s

p50

Alucinação

0.0%

detecção

Tokens Entrada

avg 0/exec

Tokens Saída

avg 0/exec

Uso por Plataforma

Skills Relacionados

Depende de ←Semgrep Rule Variant Creator

100%

Similar aAnti-Patterns

60%

Similar aCommit work

60%

Árvore do Skill

Semgrep

semgrep

Fases Cognitivas6

1.SENSE

2.CONTEXTUALIZE

3.EVALUATE

4.RECOMMEND

5.ACT

6.REFLECT

Triggers7

scan code for vulnerabilities with semgrepfind bugs in code using static analysisrun semgrep to detect code patternsuse semgrep to enforce code standardsscan code for security issues with semgrepautomate code review with semgrepintegrate semgrep into CI/CD pipeline

Avaliar este Skill

Score Breakdown

⭐Avaliação Humana0%

🤖Sucesso de Agentes0%

🕐Atualidade100%

🔗Saúde de Dependências100%

🕸️Centralidade no Grafo0%

🛡️Segurança50%

CompositeScore = α·Humano + β·Agente + γ·Recência + δ·Deps + ε·Centralidade + ζ·Segurança

Instalação

$ synaptic mcp download semgrep

$ synaptic skills detail semgrep

$ synaptic skills live semgrep

Dependências

python pip homebrew docker

Links

GitHub Repository