This is a comprehensive SAST toolkit that brings together industry-standard security scanners (Bandit, Semgrep, ESLint Security, and CodeQL) for finding vulnerabilities before they ship. It covers the usual suspects: SQL injection, XSS, hardcoded secrets, path traversal, and insecure deserialization across Python, JavaScript, Java, Ruby, PHP, Go, and Rust. The most useful parts are the custom Semgrep rule examples and the framework-specific configurations for Django, Flask, Express, and Spring Boot. Use it during code review or in CI pipelines when you need static analysis that catches common security bugs; plan on tuning the rule sets to your codebase, since out-of-the-box rules trade precision for coverage and a noisy CI gate gets ignored. The documentation pairs each vulnerable code pattern with its secure counterpart, which makes triage and remediation faster than just getting a list of line numbers.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill security-scanning-security-sast
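As an added example of the kind of custom Semgrep rule the description refers to (this is not code from the skill or its repository), here is a taint-mode rule for Django that flags HTTP request data reaching raw SQL query text. The rule id, the chosen sources and sanitizer, and the view snippets in the comments are my own assumptions for illustration, not taken from the skill.

```yaml
rules:
  - id: django-sqli-request-to-raw-query   # hypothetical id, not from the skill
    languages: [python]
    severity: ERROR
    message: >-
      Data from the HTTP request reaches raw SQL query text without going
      through query parameters. Pass user input in the parameter list,
      e.g. cursor.execute("... WHERE name = %s", [name]), not in the string.
    metadata:
      cwe: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command"
      category: security
    mode: taint
    # Sources: the usual Django request accessors (assumed list, extend as needed).
    pattern-sources:
      - pattern-either:
          - pattern: request.GET.get(...)
          - pattern: request.POST.get(...)
          - pattern: request.GET[...]
          - pattern: request.POST[...]
          - pattern: request.body
    # Sanitizer: an int() conversion cannot carry SQL syntax into the query.
    pattern-sanitizers:
      - pattern: int(...)
    # Sinks: only the query-text argument is a sink. focus-metavariable keeps
    # taint in the parameter list (the safe place for user data) from firing.
    pattern-sinks:
      - patterns:
          - pattern-either:
              - pattern: $CURSOR.execute($QUERY, ...)
              - pattern: $MODEL.objects.raw($QUERY, ...)
          - focus-metavariable: $QUERY
    # Flags (constructed view snippet; taint flows through the f-string):
    #   name = request.GET.get("name")
    #   cursor.execute(f"SELECT * FROM users WHERE name = '{name}'")
    # Does not flag (same input, but carried in the parameter list):
    #   cursor.execute("SELECT * FROM users WHERE name = %s", [name])
```

To check the rule before putting it in a CI gate, keep a same-named Python file beside it with `# ruleid: django-sqli-request-to-raw-query` above each line that should fire and `# ok: django-sqli-request-to-raw-query` above the parameterized version, then run `semgrep --test` on that directory; Semgrep reports any expected finding that is missing and any unexpected one, which is how you catch both false negatives and the noise that gets a gate ignored.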