rule▌
4 indexed skills · max 10 per page
semgrep-rule-creator
trailofbits/skills · Productivity
Custom Semgrep rule creation with test-driven validation and AST-guided pattern development. \n \n Guides iterative rule authoring: analyze problem, write tests first, inspect AST structure, build patterns, validate with semgrep --test , then optimize \n Prioritizes taint mode for data flow vulnerabilities (sources to sinks) over pattern matching to reduce false positives; supports switching between approaches as needed \n Enforces strict testing discipline: 100% test pass required, safe cases m
security-detection-rule-management
elastic/agent-skills · Productivity
Create new detection rules for emerging threats and coverage gaps, and tune existing rules to reduce false positives. All operations use the Kibana Detection Engine API via rule-manager.js.
yara-rule-authoring
trailofbits/skills · Productivity
$23
semgrep-rule-variant-creator
trailofbits/skills · Productivity
Port existing Semgrep rules to new target languages with applicability analysis and test-driven validation. \n \n Takes an existing Semgrep rule and target languages as input; produces independent rule and test directories for each applicable language \n Requires mandatory applicability analysis per language before porting, rejecting shortcuts like assuming identical patterns across different ASTs \n Enforces test-first methodology: write minimum 2 vulnerable and 2 safe test cases before creatin