codeql▌

Interprocedural security vulnerability scanning with data flow analysis and customizable query suites. \n \n Supports Python, JavaScript/TypeScript, Go, Java/Kotlin, C/C++, C#, Ruby, and Swift with language-specific build methods and extraction strategies \n Three-phase workflow: build database, create data extensions for project-specific APIs, then run analysis with explicit query suite references to avoid silent filtering \n Includes quality assessment, diagnostic queries, and SARIF result pro

This skill provides procedural guidance for configuring and running CodeQL code scanning — both through GitHub Actions workflows and the standalone CodeQL CLI.