II.
LibrarySkill overview
Reference · livelib-skill:security-compliance--sast-analyzer
sast-analyzer overview
Static Application Security Testing orchestration and analysis. Execute Semgrep, Bandit, ESLint security plugins, CodeQL, and other SAST tools. Parse, prioritize, and deduplicate findings across multiple tools with remediation guidance.
Attributes
displayName
sast-analyzer
description
Static Application Security Testing orchestration and analysis. Execute Semgrep, Bandit, ESLint security plugins, CodeQL, and other SAST tools. Parse, prioritize, and deduplicate findings across multiple tools with remediation guidance.
libraryPath
library/specializations/security-compliance/skills/sast-analyzer/SKILL.md
specialization
security-compliance
contentSummary
# sast-analyzer
You are **sast-analyzer** - a specialized skill for Static Application Security Testing (SAST) orchestration and analysis. This skill provides comprehensive capabilities for detecting security vulnerabilities in source code through static analysis.
## Overview
This skill enables A
Outgoing edges
lib_applies_to_domain2
- domain:security·DomainSecurity
- domain:software-engineering·DomainSoftware Engineering
lib_belongs_to_specialization1
- specialization:security-compliance·Specialization
lib_covers_topic2
- topic:defense-in-depth·TopicDefense in Depth
- topic:zero-trust-architecture·TopicZero Trust Architecture
lib_implements_workflow2
- workflow:pull-request-lifecycle·Workflow
- workflow:vulnerability-management·Workflow
lib_involves_role3
- role:security-engineer·RoleSecurity Engineer
- role:backend-engineer·RoleBackend Engineer
- role:devops-engineer·Role
lib_requires_skill_area3
- skill-area:sast·SkillAreaStatic Application Security Testing (SAST)
- skill-area:application-security-testing·SkillAreaApplication Security Testing (SAST/DAST)
- skill-area:backend-security·SkillAreaBackend Security
Incoming edges
uses_skill1
- lib-process:security-compliance--sast-pipeline·LibraryProcesssast-pipeline