Static analysis with CodeQL, Semgrep, and SARIF for security scanning.
Runs static analysis using the CodeQL and Semgrep tools, processes SARIF output, and identifies security vulnerabilities, code quality issues, and bug patterns. Built by Trail of Bits.
$ npx skills add trailofbits/agent-skills --skill static-analysis
Security-focused diff review with git history analysis.
Best practices for authentication with the Better Auth library.
Detect insecure defaults like hardcoded secrets and weak crypto settings.