Summary
Takes the pain out of setting up SAST tools like Semgrep, SonarQube, and CodeQL in your CI/CD pipeline. Generates ready-to-use config files, pre-commit hooks, and GitHub Actions workflows that actually work. Covers custom rule creation for catching organization-specific security anti-patterns, tuning quality gates to reduce false positives, and integrating multiple scanners without breaking your build times. The troubleshooting section alone will save you hours of debugging why your CodeQL database won't build or why Semgrep is flagging every test file. Best when you need to go from zero to automated security scanning without reading documentation for three different tools.
Install to Claude Code
npx -y skills add wshobson/agents --skill sast-configuration --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
