Security

Static Analysis

Name: Static Analysis
Rating: 5 (1915 reviews)
Author: Trail of Bits

byTrail of Bits

1.9KJan 20, 2025

Install Command

$npx skills add trailofbits/skills

About

Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for comprehensive code security analysis.

securitycodeqlsemgrepsarif

How to Use

Use /static-analysis to scan code for vulnerabilities. Supports CodeQL, Semgrep, and SARIF output parsing.

Run the install command in your terminal while in your project directory.

Open Claude Code in your project. The skill will be automatically detected.

Claude will automatically use the skill when relevant, or you can explicitly ask for it.

CategorySecurity

GitHub Stars1.9K

CreatedJun 15, 2024

UpdatedJan 20, 2025

Related Skills

Find similar vulnerabilities across codebases using pattern-based analysis to catch recurring security issues.

Create and refine Semgrep rules for custom vulnerability detection patterns in your codebase.

Smart contract security toolkit with vulnerability scanners for 6 blockchains including Ethereum and Solana.

Growth