sast-semgrep

Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars: 77.

Hot score: 93.

Updated: March 20, 2026.

Overall rating: C 3.0.

Composite score: 3.0.

Best-practice grade: B 75.6.

Install command

npx @skill-hub/cli install agentsecops-secopsagentkit-sast-semgrep

Tags: sast, semgrep, vulnerability-scanning, code-security, owasp, cwe, security-review

Repository

AgentSecOps/SecOpsAgentKit

Skill path: skills/appsec/sast-semgrep

Best for

Primary workflow: Run DevOps.

Technical facets: DevOps, Security, Testing.

Target audience: Appsec teams looking for install-ready agent workflows.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: AgentSecOps.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install sast-semgrep into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/AgentSecOps/SecOpsAgentKit before adding sast-semgrep to shared team environments
  • Use sast-semgrep for appsec workflows

Works across

Claude Code, Codex CLI, Gemini CLI, OpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.