semgrep

Conducts static analysis scans on codebases using Semgrep to identify vulnerabilities and bugs efficiently.

Install this skill

69/100

Security score

The semgrep skill was audited on Mar 21, 2026 and we found 3 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

medium line 58

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

critical line 163

Piping content to bash shell

SourceSKILL.md

163	\| `static-analysis:semgrep-scanner` \| Bash \| Executes parallel semgrep scans for a language category \|

low line 90

External URL reference

SourceSKILL.md

90	Required: Semgrep CLI (`semgrep --version`). If not installed, see [Semgrep installation docs](https://semgrep.dev/docs/getting-started/).

Scanned on Mar 21, 2026

View Security Dashboard

Install this skill with one command

/learn @trailofbits/semgrep

GitHub Stars 3.7K

Rate this skill

Categorydevelopment

UpdatedMarch 29, 2026

openclaw testing backend security-engineer qa-engineer backend-developer development

trailofbits/skills