semgrep

Conducts static analysis scans on codebases using Semgrep to identify vulnerabilities and bugs efficiently.

Install this skill

69/100

Security score

The semgrep skill was audited on May 12, 2026 and we found 3 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.

Categories Tested

Security Issues

medium line 50

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

critical line 155

Piping content to bash shell

SourceSKILL.md

155	\| `static-analysis:semgrep-scanner` \| Bash \| Executes parallel semgrep scans for a language category \|

low line 82

External URL reference

SourceSKILL.md

82	Required: Semgrep CLI (`semgrep --version`). If not installed, see [Semgrep installation docs](https://semgrep.dev/docs/getting-started/).

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 3.7K

Rate this skill

Categorydevelopment

UpdatedMay 13, 2026

frontend git devops backend security-engineer qa-engineer backend-developer development

trailofbits/skills