explainx.ainewsletter3.5k
ai newstrendingpathwaysworkshopsskills
pricing
workshops ↗
explainx.ai

Upskill in AI — 16 free pathways, live workshops & bootcamps, and 50+ courses from practitioners. Plus the skills, tools, and MCP servers to practice on.

follow us

custom AI agents

[email protected]

get started

Join · $29/mo

learn

pathways — start freeworkshopsbootcampscoursescertificationsmock testsexplainx universitycorporate traininglearn skills & mcp

discover

skillsmcp serverstoolsagentsllmsdesignsagi trackerranks

company

aboutvisionmissionteaminstructorscommunityhackathonscareers

content

daily AI newsblogreleasespromptsgeneratorsresource librarydemofor LLMs

solutions

all solutionsdeveloper upskillingmarketing upskillingproduct manager upskillingleadership upskilling

Sister Products

Infloq

Infloq

Influencer marketing

BgBlur

BgBlur

Privacy-first blur

Olly Social

Olly Social

Social AI copilot

Ceptory

Ceptory

Video intelligence

BgRemover

BgRemover

Background removal

newsletter · weekly

Get AI news, tools, and insights in your inbox.

contactsupportprivacytermsdata rightssubmission guidelines

© 2026 AISOLO Technologies Pvt Ltd

home/skills/tag/semgrep
skill tag

semgrep▌

7 indexed skills · max 10 per page

skills (7)

semgrep

semgrep/skills · Productivity

2

Fast, pattern-based static analysis for security scanning and custom rule creation.

semgrep-rule-creator

trailofbits/skills · Productivity

2

Custom Semgrep rule creation with test-driven validation and AST-guided pattern development. \n \n Guides iterative rule authoring: analyze problem, write tests first, inspect AST structure, build patterns, validate with semgrep --test , then optimize \n Prioritizes taint mode for data flow vulnerabilities (sources to sinks) over pattern matching to reduce false positives; supports switching between approaches as needed \n Enforces strict testing discipline: 100% test pass required, safe cases m

implementing-devsecops-security-scanning

mukul975/Anthropic-Cybersecurity-Skills · implementing-devsecops-security-scanning

0

Integrates Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) into CI/CD pipelines using open-source tools. Covers Semgrep for SAST, Trivy for SCA and container scanning, OWASP ZAP for DAST, and Gitleaks for secrets detection. Activates for requests involving DevSecOps pipeline setup, automated security scanning in CI/CD, SAST/DAST/SCA integration, or shift-left security implementation.

implementing-semgrep-for-custom-sast-rules

mukul975/Anthropic-Cybersecurity-Skills · implementing-semgrep-for-custom-sast-rules

0

Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards, and integrate into CI/CD pipelines.

integrating-sast-into-github-actions-pipeline

mukul975/Anthropic-Cybersecurity-Skills · integrating-sast-into-github-actions-pipeline

0

This skill covers integrating Static Application Security Testing (SAST) tools—CodeQL and Semgrep—into GitHub Actions CI/CD pipelines. It addresses configuring automated code scanning on pull requests and pushes, tuning rules to reduce false positives, uploading SARIF results to GitHub Advanced Security, and establishing quality gates that block merges when high-severity vulnerabilities are detected.

semgrep-rule-variant-creator

trailofbits/skills · Productivity

0

Port existing Semgrep rules to new target languages with applicability analysis and test-driven validation. \n \n Takes an existing Semgrep rule and target languages as input; produces independent rule and test directories for each applicable language \n Requires mandatory applicability analysis per language before porting, rejecting shortcuts like assuming identical patterns across different ASTs \n Enforces test-first methodology: write minimum 2 vulnerable and 2 safe test cases before creatin

semgrep

trailofbits/skills · Productivity

0

Parallel static analysis scanner with automatic language detection, Pro cross-file taint tracking, and merged SARIF output. \n \n Supports two scan modes: \"run all\" (complete ruleset coverage) and \"important only\" (high-confidence security vulnerabilities filtered by severity and impact) \n Automatically detects Semgrep Pro availability for cross-file taint analysis; falls back to OSS mode with per-file scanning \n Includes third-party rulesets from Trail of Bits, 0xdea, and Decurity alongsi