{"id":"0bb93b9b-b351-4eb8-928a-940ed531301d","shortId":"KzLtH8","kind":"skill","title":"SAST Pipeline Scanner","tagline":"Runs static application security testing using Semgrep rules and CodeQL queries against pull request diffs. Supports SARIF output format and integrates with GitHub Advanced Security for findings management.","description":"# SAST Pipeline Scanner\n\nRuns static application security testing using Semgrep rules and CodeQL queries against pull request diffs. Supports SARIF output format and integrates with GitHub Advanced Security for findings management.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- $ brew install semgrep\n- $ docker run -it -v \"${PWD}:/src\" semgrep/semgrep semgrep login\n- $ docker run -e SEMGREP_APP_TOKEN=<TOKEN> --rm -v \"${PWD}:/src\" semgrep/semgrep semgrep ci\n- $ brew upgrade semgrep\n\nBasic usage or getting-started notes:\n- Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. 
Semgrep [supports 30+ languages](#language-support) and can run in an IDE, as a...\n- [From the Semgrep AppSec Platform](#option-1-getting-started-from-the-semgrep-appsec-platform-recommended)\n- [From the CLI](#option-2-getting-started-from-the-cli)\n\n- Source: https://github.com/semgrep/semgrep\n- Extracted from upstream docs: https://raw.githubusercontent.com/semgrep/semgrep/HEAD/README.md\n\n## Documentation\n\n- https://semgrep.dev/docs/\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/sast-pipeline-scanner/)","tags":["sast","pipeline","scanner","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor"],"capabilities":["skill","source-agentskillexchange","skill-sast-pipeline-scanner","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/sast-pipeline-scanner","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,564 
chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:16.872Z","embedding":null,"createdAt":"2026-05-18T13:19:06.506Z","updatedAt":"2026-05-18T19:12:16.872Z","lastSeenAt":"2026-05-18T19:12:16.872Z","prices":[{"id":"9b86e73f-b77e-48b8-868c-e26968f24fa2","listingId":"0bb93b9b-b351-4eb8-928a-940ed531301d","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:06.506Z"}],"sources":[{"listingId":"0bb93b9b-b351-4eb8-928a-940ed531301d","source":"github","sourceId":"agentskillexchange/skills/sast-pipeline-scanner","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/sast-pipeline-scanner","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:06.506Z","lastSeenAt":"2026-05-18T19:12:16.872Z"}],"details":{"listingId":"0bb93b9b-b351-4eb8-928a-940ed531301d","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"sast-pipeline-scanner","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and 
more.","skill_md_sha":"27cc5f442842f04845ba553a3b0fd26d11ac7cd0","skill_md_path":"skills/sast-pipeline-scanner/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/sast-pipeline-scanner"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"SAST Pipeline Scanner","description":"Runs static application security testing using Semgrep rules and CodeQL queries against pull request diffs. Supports SARIF output format and integrates with GitHub Advanced Security for findings management."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/sast-pipeline-scanner"},"updatedAt":"2026-05-18T19:12:16.872Z"}}