rule▌

Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js.

$23

Port existing Semgrep rules to new target languages with applicability analysis and test-driven validation. \n \n Takes an existing Semgrep rule and target languages as input; produces independent rule and test directories for each applicable language \n Requires mandatory applicability analysis per language before porting, rejecting shortcuts like assuming identical patterns across different ASTs \n Enforces test-first methodology: write minimum 2 vulnerable and 2 safe test cases before creatin

Custom Semgrep rule creation with test-driven validation and AST-guided pattern development. \n \n Guides iterative rule authoring: analyze problem, write tests first, inspect AST structure, build patterns, validate with semgrep --test , then optimize \n Prioritizes taint mode for data flow vulnerabilities (sources to sinks) over pattern matching to reduce false positives; supports switching between approaches as needed \n Enforces strict testing discipline: 100% test pass required, safe cases m