{"id":"44f40903-2809-4cd2-8f1b-bd85e6db81e8","shortId":"YECP94","kind":"skill","title":"Semgrep Code Pattern Scanner","tagline":"Runs Semgrep against a codebase using official or custom rule registries and outputs a grouped report of security anti-patterns, deprecated API usage, and policy violations. Supports 30+ languages and produces SARIF output.","description":"# Semgrep Code Pattern Scanner\n\nRuns Semgrep against a codebase using official or custom rule registries and outputs a grouped report of security anti-patterns, deprecated API usage, and policy violations. Supports 30+ languages and produces SARIF output.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- $ brew install semgrep\n- $ docker run -it -v \"${PWD}:/src\" semgrep/semgrep semgrep login\n- $ docker run -e SEMGREP_APP_TOKEN=<TOKEN> --rm -v \"${PWD}:/src\" semgrep/semgrep semgrep ci\n- $ brew upgrade semgrep\n\nRequirements and caveats from upstream:\n- <a href=\"https://hub.docker.com/r/semgrep/semgrep\">\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls\" />\n- <img src=\"https://img.shields.io/docker/pulls/semgrep/semgrep.svg?style=flat-square\" alt=\"Docker Pulls (Old)\" />\n\nBasic usage or getting-started notes:\n- Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep [supports 30+ languages](#language-support) and can run in an IDE, as a...\n- [From the Semgrep AppSec Platform](#option-1-getting-started-from-the-semgrep-appsec-platform-recommended)\n- [From the CLI](#option-2-getting-started-from-the-cli)\n\n- Source: https://github.com/semgrep/semgrep\n- Extracted from upstream docs: https://raw.githubusercontent.com/semgrep/semgrep/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/semgrep-code-pattern-scanner-2/)","tags":["semgrep","code","pattern","scanner","skills","agentskillexchange","agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex"],"capabilities":["skill","source-agentskillexchange","skill-semgrep-code-pattern-scanner-2","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/semgrep-code-pattern-scanner-2","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,550 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:24.299Z","embedding":null,"createdAt":"2026-05-18T13:19:17.304Z","updatedAt":"2026-05-18T19:12:24.299Z","lastSeenAt":"2026-05-18T19:12:24.299Z","tsv":"'-1':172 '-2':186 '/semgrep/semgrep':196 '/semgrep/semgrep/head/readme.md':203 '/skills/semgrep-code-pattern-scanner-2/)':210 '/src':97,110 '30':33,71,153 'agent':205 'agentskillexchange.com':209 'agentskillexchange.com/skills/semgrep-code-pattern-scanner-2/)':208 'analysi':137 'anti':24,62 'anti-pattern':23,61 'api':27,65 'app':105 'appsec':169,179 'basic':122 'brew':89,114 'bug':143 'caveat':119 'ci':113 'cli':184,192 'code':2,40,141,149 'codebas':9,47 'custom':13,51 'deprec':26,64 'doc':200 'docker':92,101 'e':103 'enforc':145 'environ':88 'exchang':207 'extract':197 'fast':132 'find':142 'get':126,174,188 'getting-start':125 'getting-started-from-the-c':187 'getting-started-from-the-semgrep-appsec-platform-recommend':173 'github.com':195 'github.com/semgrep/semgrep':194 'group':19,57 'guardrail':147 'ide':163 'instal':77,81,90 'languag':34,72,154,156 'language-support':155 'login':100 'match':86 'note':128 'offici':11,49 'open':134 'open-sourc':133 'option':171,185 'output':17,38,55,76 'path':84 'pattern':3,25,41,63 'platform':170,180 'polici':30,68 'produc':36,74 'pwd':96,109 'raw.githubusercontent.com':202 'raw.githubusercontent.com/semgrep/semgrep/head/readme.md':201 'recommend':181 'registri':15,53 'report':20,58 'requir':117 'rm':107 'rule':14,52 'run':5,43,93,102,160 'sarif':37,75 'scanner':4,42 'search':140 'secur':22,60,146 'semgrep':1,6,39,44,91,99,104,112,116,129,151,168,178 'semgrep/semgrep':98,111 'setup':83 'skill':206 'skill-semgrep-code-pattern-scanner-2' 'sourc':135,193,204 'source-agentskillexchange' 'standard':150 'start':127,175,189 'static':136 'support':32,70,152,157 'token':106 'tool':138 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'upgrad':115 'upstream':80,121,199 'usag':28,66,123 'use':10,48,78 'v':95,108 'violat':31,69","prices":[{"id":"b0dd7b5e-22d6-4fe5-82d5-a539eb1d18e6","listingId":"44f40903-2809-4cd2-8f1b-bd85e6db81e8","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:17.304Z"}],"sources":[{"listingId":"44f40903-2809-4cd2-8f1b-bd85e6db81e8","source":"github","sourceId":"agentskillexchange/skills/semgrep-code-pattern-scanner-2","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-code-pattern-scanner-2","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:17.304Z","lastSeenAt":"2026-05-18T19:12:24.299Z"}],"details":{"listingId":"44f40903-2809-4cd2-8f1b-bd85e6db81e8","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"semgrep-code-pattern-scanner-2","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"f6842cbdb691ba020af1a10a3c77ade3c95e06f8","skill_md_path":"skills/semgrep-code-pattern-scanner-2/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/semgrep-code-pattern-scanner-2"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Semgrep Code Pattern Scanner","description":"Runs Semgrep against a codebase using official or custom rule registries and outputs a grouped report of security anti-patterns, deprecated API usage, and policy violations. Supports 30+ languages and produces SARIF output."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/semgrep-code-pattern-scanner-2"},"updatedAt":"2026-05-18T19:12:24.299Z"}}