Static Application Security Testing (SAST) for code vulnerability
SAST Security Plugin

Static Application Security Testing (SAST) for comprehensive code vulnerability detection across multiple languages, frameworks, and security patterns.

Capabilities

- Multi-language SAST: Python, JavaScript/TypeScript, Java, Ruby, PHP, Go, Rust
- Tool integration: Bandit, Semgrep, ESLint Security, SonarQube, CodeQL, PMD, SpotBugs, Brakeman, gosec, cargo-clippy
- Vulnerability patterns: SQL injection, XSS, hardcoded secrets, path traversal, IDOR, CSRF, insecure deserialization
- Framework analysis: Django, Flask, React, Express, Spring Boot, Rails, Laravel
- Custom rule authoring: Semgrep pattern development for organization-specific security policies

Use this skill when

Use for code review security analysis, injection vulnerabilities, hardcoded secrets, framework-specific patterns, custom security policy enforcement, pre-deployment validation, legacy code assessment, and compliance (OWASP, PCI-DSS, SOC2).

Specialized tools: Use security-secrets.md for advanced credential scanning, security-owasp.md for Top 10 mapping, security-api.md for REST/GraphQL endpoints.

Do not use this skill when
by @sergiodxa