{"id":"dee14d16-48dc-4ee1-b8a0-1f20a3b11442","shortId":"SAKw2Z","kind":"skill","title":"Semgrep Pattern Scanner","tagline":"Executes Semgrep CLI with custom YAML rules and the Semgrep Registry API to detect anti-patterns, vulnerabilities, and taint tracking violations. Outputs SARIF-formatted results for GitHub Security tab integration.","description":"# Semgrep Pattern Scanner\n\nExecutes Semgrep CLI with custom YAML rules and the Semgrep Registry API to detect anti-patterns, vulnerabilities, and taint tracking violations. Outputs SARIF-formatted results for GitHub Security tab integration.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- $ brew install semgrep\n- $ docker run -it -v \"${PWD}:/src\" semgrep/semgrep semgrep login\n- $ docker run -e SEMGREP_APP_TOKEN=<TOKEN> --rm -v \"${PWD}:/src\" semgrep/semgrep semgrep ci\n- $ brew upgrade semgrep\n\nRequirements and caveats from upstream:\n- <a href=\"https://hub.docker.com/r/semgrep/semgrep\">\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls\" />\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls (Old)\" />\n\nBasic usage or getting-started notes:\n- Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep [supports 30+ languages](#language-support) and can run in an IDE, as a...\n- [From the Semgrep AppSec Platform](#option-1-getting-started-from-the-semgrep-appsec-platform-recommended)\n- [From the CLI](#option-2-getting-started-from-the-cli)\n\n- Source: https://github.com/semgrep/semgrep\n- Extracted from upstream docs: https://raw.githubusercontent.com/semgrep/semgrep/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/semgrep-pattern-scanner/)","tags":["semgrep","pattern","scanner","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor"],"capabilities":["skill","source-agentskillexchange","skill-semgrep-pattern-scanner","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/semgrep-pattern-scanner","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,529 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:25.153Z","embedding":null,"createdAt":"2026-05-18T13:19:18.534Z","updatedAt":"2026-05-18T19:12:25.153Z","lastSeenAt":"2026-05-18T19:12:25.153Z","tsv":"'-1':166 '-2':180 '/semgrep/semgrep':190 '/semgrep/semgrep/head/readme.md':197 '/skills/semgrep-pattern-scanner/)':204 '/src':91,104 '30':147 'agent':199 'agentskillexchange.com':203 'agentskillexchange.com/skills/semgrep-pattern-scanner/)':202 'analysi':131 'anti':19,54 'anti-pattern':18,53 'api':15,50 'app':99 'appsec':163,173 'basic':116 'brew':83,108 'bug':137 'caveat':113 'ci':107 'cli':6,41,178,186 'code':135,143 'custom':8,43 'detect':17,52 'doc':194 'docker':86,95 'e':97 'enforc':139 'environ':82 'exchang':201 'execut':4,39 'extract':191 'fast':126 'find':136 'format':29,64 'get':120,168,182 'getting-start':119 'getting-started-from-the-c':181 'getting-started-from-the-semgrep-appsec-platform-recommend':167 'github':32,67 'github.com':189 'github.com/semgrep/semgrep':188 'guardrail':141 'ide':157 'instal':71,75,84 'integr':35,70 'languag':148,150 'language-support':149 'login':94 'match':80 'note':122 'open':128 'open-sourc':127 'option':165,179 'output':26,61 'path':78 'pattern':2,20,37,55 'platform':164,174 'pwd':90,103 'raw.githubusercontent.com':196 'raw.githubusercontent.com/semgrep/semgrep/head/readme.md':195 'recommend':175 'registri':14,49 'requir':111 'result':30,65 'rm':101 'rule':10,45 'run':87,96,154 'sarif':28,63 'sarif-format':27,62 'scanner':3,38 'search':134 'secur':33,68,140 'semgrep':1,5,13,36,40,48,85,93,98,106,110,123,145,162,172 'semgrep/semgrep':92,105 'setup':77 'skill':200 'skill-semgrep-pattern-scanner' 'sourc':129,187,198 'source-agentskillexchange' 'standard':144 'start':121,169,183 'static':130 'support':146,151 'tab':34,69 'taint':23,58 'token':100 'tool':132 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'track':24,59 'upgrad':109 'upstream':74,115,193 'usag':117 'use':72 'v':89,102 'violat':25,60 'vulner':21,56 'yaml':9,44","prices":[{"id":"2cbc18ae-c0c5-49c6-a53a-36766ca08a9e","listingId":"dee14d16-48dc-4ee1-b8a0-1f20a3b11442","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:18.534Z"}],"sources":[{"listingId":"dee14d16-48dc-4ee1-b8a0-1f20a3b11442","source":"github","sourceId":"agentskillexchange/skills/semgrep-pattern-scanner","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-pattern-scanner","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:18.534Z","lastSeenAt":"2026-05-18T19:12:25.153Z"}],"details":{"listingId":"dee14d16-48dc-4ee1-b8a0-1f20a3b11442","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"semgrep-pattern-scanner","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"b1b563d8a58f9fb934d8d0d51e07fef9c45ac013","skill_md_path":"skills/semgrep-pattern-scanner/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-pattern-scanner"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Semgrep Pattern Scanner","description":"Executes Semgrep CLI with custom YAML rules and the Semgrep Registry API to detect anti-patterns, vulnerabilities, and taint tracking violations. Outputs SARIF-formatted results for GitHub Security tab integration."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/semgrep-pattern-scanner"},"updatedAt":"2026-05-18T19:12:25.153Z"}}