Integration with security-focused static analysis tools
apm install @a5c-ai/static-analysis-tools-skill
---
name: Static Analysis Tools Skill
description: Integration with security-focused static analysis tools
allowed-tools:
- Bash
- Read
- Write
- Edit
- Glob
- Grep
---
# Static Analysis Tools Skill
## Overview
This skill provides integration with security-focused static analysis tools for comprehensive code security analysis.
## Capabilities
- Execute Semgrep rules and custom patterns
- Run CodeQL queries for vulnerability detection
- Execute Bandit (Python), Brakeman (Ruby), etc.
- Parse and interpret static analysis results
- Generate custom detection rules
- Aggregate findings across tools
- Map findings to CWE/CVE identifiers
- Support SAST pipeline integration
## Target Processes
- static-code-analysis.js
- variant-analysis.js
- web-app-vuln-research.js
- api-security-research.js
## Dependencies
- Semgrep CLI
- CodeQL CLI and databases
- Language-specific analyzers:
  - Bandit (Python)
  - Brakeman (Ruby)
  - gosec (Go)
  - SpotBugs (Java)
- Python for result aggregation
## Usage Context
This skill is essential for:
- Security code review automation
- Vulnerability pattern detection
- Custom security rule development
- CI/CD security gate integration
- Variant analysis across codebases
## Integration Notes
- Supports multiple output formats (SARIF, JSON, custom)
- Can run incrementally on changed files
- Integrates with IDE and CI/CD workflows
- Custom rules can be version controlled
- Results can be deduplicated and triaged
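
The aggregation and deduplication described above can be sketched in Python as follows. This is an added example, not the skill's own code: it normalises a SARIF document and a Bandit JSON report, then merges findings that share file, line and CWE. The rule ids and sample reports are constructed, and reading CWE ids from `properties.tags` on SARIF rules is an assumption about how the producing tool tags its rules.

```python
import json, posixpath, re

CWE_RE = re.compile(r"CWE-(\d+)")

def from_sarif(doc):
    """Yield normalised findings from a SARIF 2.1.0 document."""
    for run in doc.get("runs", []):
        driver = run["tool"]["driver"]
        rule_cwe = {}
        # Assumption: rules carry CWE ids as "CWE-<n>" strings in properties.tags.
        for rule in driver.get("rules", []):
            m = CWE_RE.search(" ".join(rule.get("properties", {}).get("tags", [])))
            rule_cwe[rule["id"]] = f"CWE-{m.group(1)}" if m else None
        for res in run.get("results", []):
            loc = res["locations"][0]["physicalLocation"]
            yield {"tool": driver["name"], "rule": res["ruleId"],
                   "cwe": rule_cwe.get(res["ruleId"]),
                   "file": posixpath.normpath(loc["artifactLocation"]["uri"]),
                   "line": loc["region"]["startLine"]}

def from_bandit(doc):
    """Yield normalised findings from Bandit's JSON report (-f json)."""
    for res in doc.get("results", []):
        cwe_id = res.get("issue_cwe", {}).get("id")
        yield {"tool": "bandit", "rule": res["test_id"],
               "cwe": f"CWE-{cwe_id}" if cwe_id else None,
               "file": posixpath.normpath(res["filename"]),
               "line": res["line_number"]}

def aggregate(*streams):
    """Merge findings sharing file, line and CWE; record which tools agreed."""
    merged = {}
    for f in (f for s in streams for f in s):
        # Without a CWE, key on tool and rule so unrelated findings stay separate.
        key = (f["file"], f["line"], f["cwe"] or f"{f['tool']}:{f['rule']}")
        entry = merged.setdefault(key, {"file": f["file"], "line": f["line"],
                                        "cwe": f["cwe"], "reported_by": []})
        entry["reported_by"].append(f"{f['tool']}:{f['rule']}")
    return sorted(merged.values(), key=lambda e: (e["file"], e["line"]))

def _loc(uri, line):  # helper for the constructed SARIF sample below
    return [{"physicalLocation": {"artifactLocation": {"uri": uri},
                                  "region": {"startLine": line}}}]
# Constructed sample reports (hypothetical rule ids py.sqli / py.secret).
SARIF = {"runs": [{"tool": {"driver": {"name": "semgrep", "rules": [
    {"id": "py.sqli", "properties": {"tags": ["CWE-89: SQL Injection"]}},
    {"id": "py.secret", "properties": {"tags": ["security"]}}]}},
    "results": [{"ruleId": "py.sqli", "locations": _loc("app/db.py", 14)},
                {"ruleId": "py.secret", "locations": _loc("app/config.py", 3)}]}]}
BANDIT = {"results": [
    {"test_id": "B608", "filename": "./app/db.py", "line_number": 14, "issue_cwe": {"id": 89}},
    {"test_id": "B602", "filename": "./app/run.py", "line_number": 7, "issue_cwe": {"id": 78}}]}
if __name__ == "__main__":
    print(json.dumps(aggregate(from_sarif(SARIF), from_bandit(BANDIT)), indent=2))
```

A finding reported by more than one tool, such as the `app/db.py` entry here, is a natural candidate to triage first.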