Alanamultiskillagent
Back to skills

static-analysis

security

Static analysis toolkit combining CodeQL, Semgrep, and SARIF parsing for security vulnerability detection. Covers taint tracking, data flow analysis, and pattern-based scanning across Python, JavaScri

trailofbitstrailofbits
|View all trailofbits skills →

Setup & Installation

npx skills add https://github.com/trailofbits/static-analysis --skill static-analysis
or paste the link and ask your coding assistant to install it
https://github.com/trailofbits/static-analysis
View on GitHub

What This Skill Does

Static analysis toolkit combining CodeQL, Semgrep, and SARIF parsing for security vulnerability detection. Covers taint tracking, data flow analysis, and pattern-based scanning across Python, JavaScript, Go, Java, C/C++, and more. Based on the Trail of Bits Testing Handbook. Running CodeQL and Semgrep together with SARIF aggregation catches interprocedural vulnerabilities that grep-based or single-tool approaches miss.

When to use it

  • Working with static analysis functionality
  • Implementing static analysis features
  • Debugging static analysis related issues

Similar Skills

audit-context-building

A structured analysis skill for the pre-audit phase of code review. It guides Claude through line-by-line function analysis, cross-boundary call tracing, and invariant mapping before any vulnerability

auth0-android

Adds authentication to native Android apps using the Auth0 SDK. Supports Web Auth login/logout, biometric-protected credentials, secure token storage, passwordless login, and MFA. Works with both Kotl

auth0-angular

Adds authentication to Angular apps using the @auth0/auth0-angular SDK. Handles login/logout flows, route guards, HTTP interceptors for attaching tokens, and user profile access through observables. W

auth0-aspnetcore-api

Adds JWT access token validation to ASP.NET Core Web APIs using Auth0. It handles bearer token authentication, scope and permission checks, and supports DPoP proof-of-possession token binding. Works w