This turns Claude into a CodeQL specialist for security scanning and static analysis. You get help writing custom QL queries for vulnerability detection, setting up databases for different languages, and integrating with GitHub Actions or your CI/CD pipeline. The skill covers practical stuff like taint tracking configurations, finding SQL injection and XSS vulnerabilities, and optimizing queries to reduce false positives. Most useful when you're moving beyond basic security scans and need to write organization-specific detection rules or tune CodeQL for your codebase. It assumes you understand the basics of static analysis but need expert guidance on CodeQL's query language and workflow.
npx skills add https://github.com/personamanagmentlayer/pcl --skill codeql-expert