@elizaos/skills 2.0.0-alpha.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +126 -0
- package/package.json +53 -0
- package/skills/1password/SKILL.md +70 -0
- package/skills/1password/references/cli-examples.md +29 -0
- package/skills/1password/references/get-started.md +17 -0
- package/skills/apple-notes/SKILL.md +77 -0
- package/skills/apple-reminders/SKILL.md +96 -0
- package/skills/bear-notes/SKILL.md +107 -0
- package/skills/bird/SKILL.md +224 -0
- package/skills/blogwatcher/SKILL.md +69 -0
- package/skills/blucli/SKILL.md +47 -0
- package/skills/bluebubbles/SKILL.md +131 -0
- package/skills/camsnap/SKILL.md +45 -0
- package/skills/canvas/SKILL.md +203 -0
- package/skills/clawhub/SKILL.md +77 -0
- package/skills/coding-agent/SKILL.md +284 -0
- package/skills/discord/SKILL.md +578 -0
- package/skills/eightctl/SKILL.md +50 -0
- package/skills/food-order/SKILL.md +48 -0
- package/skills/gemini/SKILL.md +43 -0
- package/skills/gifgrep/SKILL.md +79 -0
- package/skills/github/SKILL.md +77 -0
- package/skills/gog/SKILL.md +116 -0
- package/skills/goplaces/SKILL.md +52 -0
- package/skills/healthcheck/SKILL.md +245 -0
- package/skills/himalaya/SKILL.md +257 -0
- package/skills/himalaya/references/configuration.md +184 -0
- package/skills/himalaya/references/message-composition.md +199 -0
- package/skills/imsg/SKILL.md +74 -0
- package/skills/local-places/SERVER_README.md +101 -0
- package/skills/local-places/SKILL.md +102 -0
- package/skills/local-places/pyproject.toml +21 -0
- package/skills/local-places/src/local_places/__init__.py +2 -0
- package/skills/local-places/src/local_places/google_places.py +314 -0
- package/skills/local-places/src/local_places/main.py +65 -0
- package/skills/local-places/src/local_places/schemas.py +107 -0
- package/skills/mcporter/SKILL.md +61 -0
- package/skills/model-usage/SKILL.md +69 -0
- package/skills/model-usage/references/codexbar-cli.md +33 -0
- package/skills/model-usage/scripts/model_usage.py +310 -0
- package/skills/nano-banana-pro/SKILL.md +58 -0
- package/skills/nano-banana-pro/scripts/generate_image.py +184 -0
- package/skills/nano-pdf/SKILL.md +38 -0
- package/skills/notion/SKILL.md +172 -0
- package/skills/obsidian/SKILL.md +81 -0
- package/skills/openai-image-gen/SKILL.md +89 -0
- package/skills/openai-image-gen/scripts/gen.py +240 -0
- package/skills/openai-whisper/SKILL.md +38 -0
- package/skills/openai-whisper-api/SKILL.md +52 -0
- package/skills/openai-whisper-api/scripts/transcribe.sh +85 -0
- package/skills/openhue/SKILL.md +51 -0
- package/skills/oracle/SKILL.md +125 -0
- package/skills/ordercli/SKILL.md +78 -0
- package/skills/peekaboo/SKILL.md +190 -0
- package/skills/sag/SKILL.md +87 -0
- package/skills/security-ask-questions-if-underspecified/.claude-plugin/plugin.json +10 -0
- package/skills/security-ask-questions-if-underspecified/README.md +24 -0
- package/skills/security-ask-questions-if-underspecified/skills/ask-questions-if-underspecified/SKILL.md +85 -0
- package/skills/security-audit-context-building/.claude-plugin/plugin.json +10 -0
- package/skills/security-audit-context-building/README.md +58 -0
- package/skills/security-audit-context-building/commands/audit-context.md +21 -0
- package/skills/security-audit-context-building/skills/audit-context-building/SKILL.md +297 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/COMPLETENESS_CHECKLIST.md +47 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/FUNCTION_MICRO_ANALYSIS_EXAMPLE.md +355 -0
- package/skills/security-audit-context-building/skills/audit-context-building/resources/OUTPUT_REQUIREMENTS.md +71 -0
- package/skills/security-building-secure-contracts/.claude-plugin/plugin.json +10 -0
- package/skills/security-building-secure-contracts/README.md +241 -0
- package/skills/security-building-secure-contracts/skills/algorand-vulnerability-scanner/SKILL.md +284 -0
- package/skills/security-building-secure-contracts/skills/algorand-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +405 -0
- package/skills/security-building-secure-contracts/skills/audit-prep-assistant/SKILL.md +409 -0
- package/skills/security-building-secure-contracts/skills/cairo-vulnerability-scanner/SKILL.md +329 -0
- package/skills/security-building-secure-contracts/skills/cairo-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +722 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/SKILL.md +218 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/ASSESSMENT_CRITERIA.md +355 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/EXAMPLE_REPORT.md +248 -0
- package/skills/security-building-secure-contracts/skills/code-maturity-assessor/resources/REPORT_FORMAT.md +33 -0
- package/skills/security-building-secure-contracts/skills/cosmos-vulnerability-scanner/SKILL.md +334 -0
- package/skills/security-building-secure-contracts/skills/cosmos-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +740 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/SKILL.md +252 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/ASSESSMENT_AREAS.md +329 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/DELIVERABLES.md +118 -0
- package/skills/security-building-secure-contracts/skills/guidelines-advisor/resources/EXAMPLE_REPORT.md +298 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/SKILL.md +161 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/resources/EXAMPLE_REPORT.md +279 -0
- package/skills/security-building-secure-contracts/skills/secure-workflow-guide/resources/WORKFLOW_STEPS.md +132 -0
- package/skills/security-building-secure-contracts/skills/solana-vulnerability-scanner/SKILL.md +389 -0
- package/skills/security-building-secure-contracts/skills/solana-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +669 -0
- package/skills/security-building-secure-contracts/skills/substrate-vulnerability-scanner/SKILL.md +298 -0
- package/skills/security-building-secure-contracts/skills/substrate-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +791 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/SKILL.md +362 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/resources/ASSESSMENT_CATEGORIES.md +571 -0
- package/skills/security-building-secure-contracts/skills/token-integration-analyzer/resources/REPORT_TEMPLATES.md +141 -0
- package/skills/security-building-secure-contracts/skills/ton-vulnerability-scanner/SKILL.md +388 -0
- package/skills/security-building-secure-contracts/skills/ton-vulnerability-scanner/resources/VULNERABILITY_PATTERNS.md +595 -0
- package/skills/security-burpsuite-project-parser/.claude-plugin/plugin.json +10 -0
- package/skills/security-burpsuite-project-parser/README.md +103 -0
- package/skills/security-burpsuite-project-parser/commands/burp-search.md +18 -0
- package/skills/security-burpsuite-project-parser/skills/SKILL.md +358 -0
- package/skills/security-burpsuite-project-parser/skills/scripts/burp-search.sh +99 -0
- package/skills/security-claude-in-chrome-troubleshooting/.claude-plugin/plugin.json +8 -0
- package/skills/security-claude-in-chrome-troubleshooting/README.md +31 -0
- package/skills/security-claude-in-chrome-troubleshooting/skills/claude-in-chrome-troubleshooting/SKILL.md +251 -0
- package/skills/security-constant-time-analysis/.claude-plugin/plugin.json +9 -0
- package/skills/security-constant-time-analysis/README.md +381 -0
- package/skills/security-constant-time-analysis/commands/ct-check.md +20 -0
- package/skills/security-constant-time-analysis/ct_analyzer/__init__.py +49 -0
- package/skills/security-constant-time-analysis/ct_analyzer/analyzer.py +1284 -0
- package/skills/security-constant-time-analysis/ct_analyzer/script_analyzers.py +3081 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/__init__.py +1 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_analyzer.py +1397 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/bn_excerpt.js +205 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_constant_time.c +181 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.c +74 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.go +78 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/decompose_vulnerable.rs +92 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.cs +174 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.java +161 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.kt +181 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.php +140 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.py +252 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.rb +188 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.swift +199 -0
- package/skills/security-constant-time-analysis/ct_analyzer/tests/test_samples/vulnerable.ts +154 -0
- package/skills/security-constant-time-analysis/pyproject.toml +52 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/README.md +90 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/SKILL.md +219 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/compiled.md +129 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/javascript.md +136 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/kotlin.md +252 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/php.md +172 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/python.md +179 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/ruby.md +198 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/swift.md +288 -0
- package/skills/security-constant-time-analysis/skills/constant-time-analysis/references/vm-compiled.md +354 -0
- package/skills/security-constant-time-analysis/uv.lock +8 -0
- package/skills/security-culture-index/.claude-plugin/plugin.json +8 -0
- package/skills/security-culture-index/README.md +79 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/SKILL.md +293 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/anti-patterns.md +255 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/conversation-starters.md +408 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/interview-trait-signals.md +253 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/motivators.md +158 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/patterns-archetypes.md +147 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/primary-traits.md +307 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/secondary-traits.md +228 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/references/team-composition.md +148 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/check_deps.py +108 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/__init__.py +20 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/constants.py +122 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/extract.py +187 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/models.py +16 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/culture_index/opencv_extractor.py +520 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/extract_pdf.py +237 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/scripts/pyproject.toml +18 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/burnout-report.md +113 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/comparison-report.md +103 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/hiring-profile.md +127 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/individual-report.md +85 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/predicted-profile.md +165 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/templates/team-report.md +109 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/analyze-team.md +188 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/coach-manager.md +267 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/compare-profiles.md +188 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/define-hiring-profile.md +220 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/detect-burnout.md +206 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/extract-from-pdf.md +121 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/interpret-individual.md +183 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/interview-debrief.md +234 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/mediate-conflict.md +306 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/plan-onboarding.md +322 -0
- package/skills/security-culture-index/skills/interpreting-culture-index/workflows/predict-from-interview.md +250 -0
- package/skills/security-differential-review/.claude-plugin/plugin.json +10 -0
- package/skills/security-differential-review/README.md +109 -0
- package/skills/security-differential-review/commands/diff-review.md +21 -0
- package/skills/security-differential-review/skills/differential-review/SKILL.md +220 -0
- package/skills/security-differential-review/skills/differential-review/adversarial.md +203 -0
- package/skills/security-differential-review/skills/differential-review/methodology.md +234 -0
- package/skills/security-differential-review/skills/differential-review/patterns.md +300 -0
- package/skills/security-differential-review/skills/differential-review/reporting.md +369 -0
- package/skills/security-dwarf-expert/.claude-plugin/plugin.json +10 -0
- package/skills/security-dwarf-expert/README.md +38 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/SKILL.md +93 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/coding.md +31 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/dwarfdump.md +50 -0
- package/skills/security-dwarf-expert/skills/dwarf-expert/reference/readelf.md +8 -0
- package/skills/security-entry-point-analyzer/.claude-plugin/plugin.json +10 -0
- package/skills/security-entry-point-analyzer/README.md +74 -0
- package/skills/security-entry-point-analyzer/commands/entry-points.md +18 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/SKILL.md +251 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/cosmwasm.md +182 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/move-aptos.md +107 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/move-sui.md +87 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/solana.md +155 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/solidity.md +135 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/ton.md +185 -0
- package/skills/security-entry-point-analyzer/skills/entry-point-analyzer/references/vyper.md +141 -0
- package/skills/security-firebase-apk-scanner/.claude-plugin/plugin.json +10 -0
- package/skills/security-firebase-apk-scanner/README.md +85 -0
- package/skills/security-firebase-apk-scanner/commands/scan-apk.md +18 -0
- package/skills/security-firebase-apk-scanner/scanner.sh +1408 -0
- package/skills/security-firebase-apk-scanner/skills/firebase-apk-scanner/SKILL.md +197 -0
- package/skills/security-firebase-apk-scanner/skills/firebase-apk-scanner/references/vulnerabilities.md +803 -0
- package/skills/security-fix-review/.claude-plugin/plugin.json +13 -0
- package/skills/security-fix-review/README.md +118 -0
- package/skills/security-fix-review/commands/fix-review.md +24 -0
- package/skills/security-fix-review/skills/fix-review/SKILL.md +264 -0
- package/skills/security-fix-review/skills/fix-review/references/bug-detection.md +408 -0
- package/skills/security-fix-review/skills/fix-review/references/finding-matching.md +298 -0
- package/skills/security-fix-review/skills/fix-review/references/report-parsing.md +398 -0
- package/skills/security-insecure-defaults/.claude-plugin/plugin.json +10 -0
- package/skills/security-insecure-defaults/README.md +45 -0
- package/skills/security-insecure-defaults/skills/insecure-defaults/SKILL.md +117 -0
- package/skills/security-insecure-defaults/skills/insecure-defaults/references/examples.md +409 -0
- package/skills/security-modern-python/.claude-plugin/plugin.json +10 -0
- package/skills/security-modern-python/README.md +58 -0
- package/skills/security-modern-python/hooks/hooks.json +16 -0
- package/skills/security-modern-python/hooks/intercept-legacy-python.bats +388 -0
- package/skills/security-modern-python/hooks/intercept-legacy-python.sh +109 -0
- package/skills/security-modern-python/hooks/test_helper.bash +75 -0
- package/skills/security-modern-python/skills/modern-python/SKILL.md +333 -0
- package/skills/security-modern-python/skills/modern-python/references/dependabot.md +43 -0
- package/skills/security-modern-python/skills/modern-python/references/migration-checklist.md +141 -0
- package/skills/security-modern-python/skills/modern-python/references/pep723-scripts.md +259 -0
- package/skills/security-modern-python/skills/modern-python/references/prek.md +211 -0
- package/skills/security-modern-python/skills/modern-python/references/pyproject.md +254 -0
- package/skills/security-modern-python/skills/modern-python/references/ruff-config.md +240 -0
- package/skills/security-modern-python/skills/modern-python/references/security-setup.md +255 -0
- package/skills/security-modern-python/skills/modern-python/references/testing.md +284 -0
- package/skills/security-modern-python/skills/modern-python/references/uv-commands.md +200 -0
- package/skills/security-modern-python/skills/modern-python/templates/dependabot.yml +36 -0
- package/skills/security-modern-python/skills/modern-python/templates/pre-commit-config.yaml +66 -0
- package/skills/security-property-based-testing/.claude-plugin/plugin.json +9 -0
- package/skills/security-property-based-testing/README.md +47 -0
- package/skills/security-property-based-testing/skills/property-based-testing/README.md +88 -0
- package/skills/security-property-based-testing/skills/property-based-testing/SKILL.md +109 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/design.md +191 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/generating.md +200 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/libraries.md +130 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/refactoring.md +181 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/reviewing.md +209 -0
- package/skills/security-property-based-testing/skills/property-based-testing/references/strategies.md +124 -0
- package/skills/semgrep-rule-creator/.claude-plugin/plugin.json +8 -0
- package/skills/semgrep-rule-creator/README.md +43 -0
- package/skills/semgrep-rule-creator/commands/semgrep-rule.md +26 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/SKILL.md +168 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/references/quick-reference.md +203 -0
- package/skills/semgrep-rule-creator/skills/semgrep-rule-creator/references/workflow.md +240 -0
- package/skills/semgrep-rule-variant-creator/.claude-plugin/plugin.json +9 -0
- package/skills/semgrep-rule-variant-creator/README.md +86 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/SKILL.md +205 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/applicability-analysis.md +250 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/language-syntax-guide.md +324 -0
- package/skills/semgrep-rule-variant-creator/skills/semgrep-rule-variant-creator/references/workflow.md +518 -0
- package/skills/session-logs/SKILL.md +115 -0
- package/skills/sharp-edges/.claude-plugin/plugin.json +10 -0
- package/skills/sharp-edges/README.md +48 -0
- package/skills/sharp-edges/skills/sharp-edges/SKILL.md +292 -0
- package/skills/sharp-edges/skills/sharp-edges/references/auth-patterns.md +252 -0
- package/skills/sharp-edges/skills/sharp-edges/references/case-studies.md +274 -0
- package/skills/sharp-edges/skills/sharp-edges/references/config-patterns.md +333 -0
- package/skills/sharp-edges/skills/sharp-edges/references/crypto-apis.md +190 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-c.md +205 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-csharp.md +285 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-go.md +270 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-java.md +263 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-javascript.md +269 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-kotlin.md +265 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-php.md +245 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-python.md +274 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-ruby.md +273 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-rust.md +272 -0
- package/skills/sharp-edges/skills/sharp-edges/references/lang-swift.md +287 -0
- package/skills/sharp-edges/skills/sharp-edges/references/language-specific.md +588 -0
- package/skills/sherpa-onnx-tts/SKILL.md +103 -0
- package/skills/sherpa-onnx-tts/bin/sherpa-onnx-tts +178 -0
- package/skills/skill-creator/SKILL.md +370 -0
- package/skills/skill-creator/license.txt +202 -0
- package/skills/skill-creator/scripts/init_skill.py +378 -0
- package/skills/skill-creator/scripts/package_skill.py +111 -0
- package/skills/skill-creator/scripts/quick_validate.py +101 -0
- package/skills/slack/SKILL.md +144 -0
- package/skills/songsee/SKILL.md +49 -0
- package/skills/sonoscli/SKILL.md +46 -0
- package/skills/spec-to-code-compliance/.claude-plugin/plugin.json +10 -0
- package/skills/spec-to-code-compliance/README.md +67 -0
- package/skills/spec-to-code-compliance/commands/spec-compliance.md +22 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/SKILL.md +349 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/COMPLETENESS_CHECKLIST.md +69 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/IR_EXAMPLES.md +417 -0
- package/skills/spec-to-code-compliance/skills/spec-to-code-compliance/resources/OUTPUT_REQUIREMENTS.md +105 -0
- package/skills/spotify-player/SKILL.md +64 -0
- package/skills/static-analysis/.claude-plugin/plugin.json +8 -0
- package/skills/static-analysis/README.md +59 -0
- package/skills/static-analysis/skills/codeql/SKILL.md +315 -0
- package/skills/static-analysis/skills/sarif-parsing/SKILL.md +479 -0
- package/skills/static-analysis/skills/sarif-parsing/resources/jq-queries.md +162 -0
- package/skills/static-analysis/skills/sarif-parsing/resources/sarif_helpers.py +331 -0
- package/skills/static-analysis/skills/semgrep/SKILL.md +337 -0
- package/skills/summarize/SKILL.md +87 -0
- package/skills/testing-handbook-skills/.claude-plugin/plugin.json +8 -0
- package/skills/testing-handbook-skills/README.md +241 -0
- package/skills/testing-handbook-skills/scripts/pyproject.toml +8 -0
- package/skills/testing-handbook-skills/scripts/validate-skills.py +657 -0
- package/skills/testing-handbook-skills/skills/address-sanitizer/SKILL.md +341 -0
- package/skills/testing-handbook-skills/skills/aflpp/SKILL.md +640 -0
- package/skills/testing-handbook-skills/skills/atheris/SKILL.md +515 -0
- package/skills/testing-handbook-skills/skills/cargo-fuzz/SKILL.md +454 -0
- package/skills/testing-handbook-skills/skills/codeql/SKILL.md +549 -0
- package/skills/testing-handbook-skills/skills/constant-time-testing/SKILL.md +507 -0
- package/skills/testing-handbook-skills/skills/coverage-analysis/SKILL.md +607 -0
- package/skills/testing-handbook-skills/skills/fuzzing-dictionary/SKILL.md +297 -0
- package/skills/testing-handbook-skills/skills/fuzzing-obstacles/SKILL.md +426 -0
- package/skills/testing-handbook-skills/skills/harness-writing/SKILL.md +614 -0
- package/skills/testing-handbook-skills/skills/libafl/SKILL.md +625 -0
- package/skills/testing-handbook-skills/skills/libfuzzer/SKILL.md +795 -0
- package/skills/testing-handbook-skills/skills/ossfuzz/SKILL.md +426 -0
- package/skills/testing-handbook-skills/skills/ruzzy/SKILL.md +443 -0
- package/skills/testing-handbook-skills/skills/semgrep/SKILL.md +601 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/SKILL.md +372 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/agent-prompt.md +280 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/discovery.md +452 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/domain-skill.md +504 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/fuzzer-skill.md +454 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/technique-skill.md +527 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/templates/tool-skill.md +366 -0
- package/skills/testing-handbook-skills/skills/testing-handbook-generator/testing.md +482 -0
- package/skills/testing-handbook-skills/skills/wycheproof/SKILL.md +533 -0
- package/skills/things-mac/SKILL.md +86 -0
- package/skills/tmux/SKILL.md +135 -0
- package/skills/tmux/scripts/find-sessions.sh +112 -0
- package/skills/tmux/scripts/wait-for-text.sh +83 -0
- package/skills/trello/SKILL.md +95 -0
- package/skills/variant-analysis/.claude-plugin/plugin.json +8 -0
- package/skills/variant-analysis/README.md +41 -0
- package/skills/variant-analysis/commands/variants.md +23 -0
- package/skills/variant-analysis/skills/variant-analysis/METHODOLOGY.md +327 -0
- package/skills/variant-analysis/skills/variant-analysis/SKILL.md +142 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/cpp.ql +119 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/go.ql +69 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/java.ql +71 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/javascript.ql +63 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/codeql/python.ql +80 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/cpp.yaml +98 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/go.yaml +63 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/java.yaml +61 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/javascript.yaml +60 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/semgrep/python.yaml +72 -0
- package/skills/variant-analysis/skills/variant-analysis/resources/variant-report-template.md +75 -0
- package/skills/video-frames/SKILL.md +46 -0
- package/skills/video-frames/scripts/frame.sh +81 -0
- package/skills/voice-call/SKILL.md +45 -0
- package/skills/wacli/SKILL.md +72 -0
- package/skills/weather/SKILL.md +54 -0
- package/skills/yara-authoring/.claude-plugin/plugin.json +9 -0
- package/skills/yara-authoring/README.md +131 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/SKILL.md +645 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_Mac_ProtonRAT_Jan25.yar +99 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_NPM_SupplyChain_Jan25.yar +170 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/MAL_Win_Remcos_Jan25.yar +103 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/SUSP_CRX_SuspiciousPermissions.yar +134 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/examples/SUSP_JS_Obfuscation_Jan25.yar +185 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/crx-module.md +214 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/dex-module.md +383 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/performance.md +333 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/strings.md +433 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/style-guide.md +257 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/references/testing.md +399 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/atom_analyzer.py +526 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/pyproject.toml +25 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/scripts/yara_lint.py +631 -0
- package/skills/yara-authoring/skills/yara-rule-authoring/workflows/rule-development.md +493 -0
|
@@ -0,0 +1,601 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: semgrep
|
|
3
|
+
type: tool
|
|
4
|
+
description: >
|
|
5
|
+
Semgrep is a fast static analysis tool for finding bugs and enforcing code standards.
|
|
6
|
+
Use when scanning code for security issues or integrating into CI/CD pipelines.
|
|
7
|
+
---
|
|
8
|
+
|
|
9
|
+
# Semgrep
|
|
10
|
+
|
|
11
|
+
Semgrep is a highly efficient static analysis tool for finding low-complexity bugs and locating specific code patterns. Because of its ease of use, no need to build the code, multiple built-in rules, and convenient creation of custom rules, it is usually the first tool to run on an audited codebase. Furthermore, Semgrep's integration into the CI/CD pipeline makes it a good choice for ensuring code quality.
|
|
12
|
+
|
|
13
|
+
**Key benefits:**
|
|
14
|
+
- Prevents re-entry of known bugs and security vulnerabilities
|
|
15
|
+
- Enables large-scale code refactoring, such as upgrading deprecated APIs
|
|
16
|
+
- Easily added to CI/CD pipelines
|
|
17
|
+
- Custom Semgrep rules mimic the semantics of actual code
|
|
18
|
+
- Allows for secure scanning without sharing code with third parties
|
|
19
|
+
- Scanning usually takes minutes (not hours/days)
|
|
20
|
+
- Easy to use and accessible for both developers and security professionals
|
|
21
|
+
|
|
22
|
+
## When to Use
|
|
23
|
+
|
|
24
|
+
**Use Semgrep when:**
|
|
25
|
+
- Looking for bugs with easy-to-identify patterns
|
|
26
|
+
- Analyzing single files (intraprocedural analysis)
|
|
27
|
+
- Detecting systemic bugs (multiple instances across codebase)
|
|
28
|
+
- Enforcing secure defaults and code standards
|
|
29
|
+
- Performing rapid initial security assessment
|
|
30
|
+
- Scanning code without building it first
|
|
31
|
+
|
|
32
|
+
**Consider alternatives when:**
|
|
33
|
+
- Multiple files are required for analysis → Consider Semgrep Pro Engine or CodeQL
|
|
34
|
+
- Complex flow analysis is needed → Consider CodeQL
|
|
35
|
+
- Advanced taint tracking across files → Consider CodeQL or Semgrep Pro
|
|
36
|
+
- Custom in-house framework analysis → May need specialized tooling
|
|
37
|
+
|
|
38
|
+
## Quick Reference
|
|
39
|
+
|
|
40
|
+
| Task | Command |
|
|
41
|
+
|------|---------|
|
|
42
|
+
| Scan with auto-detection | `semgrep --config auto` |
|
|
43
|
+
| Scan with specific ruleset | `semgrep --config="p/trailofbits"` |
|
|
44
|
+
| Scan with custom rules | `semgrep -f /path/to/rules` |
|
|
45
|
+
| Output to SARIF format | `semgrep -c p/default --sarif --output scan.sarif` |
|
|
46
|
+
| Test custom rules | `semgrep --test` |
|
|
47
|
+
| Disable metrics | `semgrep --metrics=off --config=auto` |
|
|
48
|
+
| Filter by severity | `semgrep --config=auto --severity ERROR` |
|
|
49
|
+
| Show dataflow traces | `semgrep --dataflow-traces -f rule.yml` |
|
|
50
|
+
|
|
51
|
+
## Installation
|
|
52
|
+
|
|
53
|
+
### Prerequisites
|
|
54
|
+
|
|
55
|
+
- Python 3.7 or later (for pip installation)
|
|
56
|
+
- macOS, Linux, or Windows
|
|
57
|
+
- Homebrew (optional, for macOS/Linux)
|
|
58
|
+
|
|
59
|
+
### Install Steps
|
|
60
|
+
|
|
61
|
+
**Via Python Package Installer:**
|
|
62
|
+
|
|
63
|
+
```bash
|
|
64
|
+
python3 -m pip install semgrep
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
**Via Homebrew (macOS/Linux):**
|
|
68
|
+
|
|
69
|
+
```bash
|
|
70
|
+
brew install semgrep
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
**Via Docker:**
|
|
74
|
+
|
|
75
|
+
```bash
|
|
76
|
+
docker pull returntocorp/semgrep
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
### Keeping Semgrep Updated
|
|
80
|
+
|
|
81
|
+
```bash
|
|
82
|
+
# Check current version
|
|
83
|
+
semgrep --version
|
|
84
|
+
|
|
85
|
+
# Update via pip
|
|
86
|
+
python3 -m pip install --upgrade semgrep
|
|
87
|
+
|
|
88
|
+
# Update via Homebrew
|
|
89
|
+
brew upgrade semgrep
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
### Verification
|
|
93
|
+
|
|
94
|
+
```bash
|
|
95
|
+
semgrep --version
|
|
96
|
+
```
|
|
97
|
+
|
|
98
|
+
## Core Workflow
|
|
99
|
+
|
|
100
|
+
### Step 1: Initial Scan
|
|
101
|
+
|
|
102
|
+
Start with an auto-configuration scan to evaluate Semgrep's effectiveness:
|
|
103
|
+
|
|
104
|
+
```bash
|
|
105
|
+
semgrep --config auto
|
|
106
|
+
```
|
|
107
|
+
|
|
108
|
+
**Important:** Auto mode submits metrics online. To disable:
|
|
109
|
+
|
|
110
|
+
```bash
|
|
111
|
+
export SEMGREP_SEND_METRICS=off
|
|
112
|
+
# OR
|
|
113
|
+
semgrep --metrics=off --config auto
|
|
114
|
+
```
|
|
115
|
+
|
|
116
|
+
### Step 2: Select Targeted Rulesets
|
|
117
|
+
|
|
118
|
+
Use the [Semgrep Registry](https://semgrep.dev/explore) to select rulesets:
|
|
119
|
+
|
|
120
|
+
```bash
|
|
121
|
+
# Security-focused rulesets
|
|
122
|
+
semgrep --config="p/trailofbits"
|
|
123
|
+
semgrep --config="p/cwe-top-25"
|
|
124
|
+
semgrep --config="p/owasp-top-ten"
|
|
125
|
+
|
|
126
|
+
# Language-specific
|
|
127
|
+
semgrep --config="p/javascript"
|
|
128
|
+
|
|
129
|
+
# Multiple rulesets
|
|
130
|
+
semgrep --config="p/trailofbits" --config="p/r2c-security-audit"
|
|
131
|
+
```
|
|
132
|
+
|
|
133
|
+
### Step 3: Review and Triage Results
|
|
134
|
+
|
|
135
|
+
Filter results by severity:
|
|
136
|
+
|
|
137
|
+
```bash
|
|
138
|
+
semgrep --config=auto --severity ERROR
|
|
139
|
+
```
|
|
140
|
+
|
|
141
|
+
Use output formats for easier analysis:
|
|
142
|
+
|
|
143
|
+
```bash
|
|
144
|
+
# SARIF for VS Code SARIF Explorer
|
|
145
|
+
semgrep -c p/default --sarif --output scan.sarif
|
|
146
|
+
|
|
147
|
+
# JSON for automation
|
|
148
|
+
semgrep -c p/default --json --output scan.json
|
|
149
|
+
```
|
|
150
|
+
|
|
151
|
+
### Step 4: Configure Ignored Files
|
|
152
|
+
|
|
153
|
+
Create `.semgrepignore` file to exclude paths:
|
|
154
|
+
|
|
155
|
+
```
|
|
156
|
+
# Ignore specific files/directories
|
|
157
|
+
path/to/ignore/file.ext
|
|
158
|
+
path_to_ignore/
|
|
159
|
+
|
|
160
|
+
# Ignore by extension
|
|
161
|
+
*.ext
|
|
162
|
+
|
|
163
|
+
# Include .gitignore patterns
|
|
164
|
+
:include .gitignore
|
|
165
|
+
```
|
|
166
|
+
|
|
167
|
+
**Note:** By default, Semgrep skips `/tests`, `/test`, and `/vendors` folders.
|
|
168
|
+
|
|
169
|
+
## How to Customize
|
|
170
|
+
|
|
171
|
+
### Writing Custom Rules
|
|
172
|
+
|
|
173
|
+
Semgrep rules are YAML files with pattern-matching syntax. Basic structure:
|
|
174
|
+
|
|
175
|
+
```yaml
|
|
176
|
+
rules:
|
|
177
|
+
- id: rule-id
|
|
178
|
+
languages: [go]
|
|
179
|
+
message: Some message
|
|
180
|
+
severity: ERROR # INFO / WARNING / ERROR
|
|
181
|
+
pattern: test(...)
|
|
182
|
+
```
|
|
183
|
+
|
|
184
|
+
### Running Custom Rules
|
|
185
|
+
|
|
186
|
+
```bash
|
|
187
|
+
# Single file
|
|
188
|
+
semgrep --config custom_rule.yaml
|
|
189
|
+
|
|
190
|
+
# Directory of rules
|
|
191
|
+
semgrep --config path/to/rules/
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
### Key Syntax Reference
|
|
195
|
+
|
|
196
|
+
| Syntax/Operator | Description | Example |
|
|
197
|
+
|-----------------|-------------|---------|
|
|
198
|
+
| `...` | Match zero or more arguments/statements | `func(..., arg=value, ...)` |
|
|
199
|
+
| `$X`, `$VAR` | Metavariable (captures and tracks values) | `$FUNC($INPUT)` |
|
|
200
|
+
| `<... ...>` | Deep expression operator (nested matching) | `if <... user.is_admin() ...>:` |
|
|
201
|
+
| `pattern-inside` | Match only within context | Pattern inside a loop |
|
|
202
|
+
| `pattern-not` | Exclude specific patterns | Negative matching |
|
|
203
|
+
| `pattern-either` | Logical OR (any pattern matches) | Multiple alternatives |
|
|
204
|
+
| `patterns` | Logical AND (all patterns match) | Combined conditions |
|
|
205
|
+
| `metavariable-pattern` | Nested metavariable constraints | Constrain captured values |
|
|
206
|
+
| `metavariable-comparison` | Compare metavariable values | `$X > 1337` |
|
|
207
|
+
|
|
208
|
+
### Example: Detecting Insecure Request Verification
|
|
209
|
+
|
|
210
|
+
```yaml
|
|
211
|
+
rules:
|
|
212
|
+
- id: requests-verify-false
|
|
213
|
+
languages: [python]
|
|
214
|
+
message: requests.get with verify=False disables SSL verification
|
|
215
|
+
severity: WARNING
|
|
216
|
+
pattern: requests.get(..., verify=False, ...)
|
|
217
|
+
```
|
|
218
|
+
|
|
219
|
+
### Example: Taint Mode for SQL Injection
|
|
220
|
+
|
|
221
|
+
```yaml
|
|
222
|
+
rules:
|
|
223
|
+
- id: sql-injection
|
|
224
|
+
mode: taint
|
|
225
|
+
pattern-sources:
|
|
226
|
+
- pattern: request.args.get(...)
|
|
227
|
+
pattern-sinks:
|
|
228
|
+
- pattern: cursor.execute($QUERY)
|
|
229
|
+
pattern-sanitizers:
|
|
230
|
+
- pattern: int(...)
|
|
231
|
+
message: Potential SQL injection with unsanitized user input
|
|
232
|
+
languages: [python]
|
|
233
|
+
severity: ERROR
|
|
234
|
+
```
|
|
235
|
+
|
|
236
|
+
### Testing Custom Rules
|
|
237
|
+
|
|
238
|
+
Create test files with annotations:
|
|
239
|
+
|
|
240
|
+
```python
|
|
241
|
+
# ruleid: requests-verify-false
|
|
242
|
+
requests.get(url, verify=False)
|
|
243
|
+
|
|
244
|
+
# ok: requests-verify-false
|
|
245
|
+
requests.get(url, verify=True)
|
|
246
|
+
```
|
|
247
|
+
|
|
248
|
+
Run tests:
|
|
249
|
+
|
|
250
|
+
```bash
|
|
251
|
+
semgrep --test ./path/to/rules/
|
|
252
|
+
```
|
|
253
|
+
|
|
254
|
+
For autofix testing, create `.fixed` files (e.g., `test.py` → `test.fixed.py`):
|
|
255
|
+
|
|
256
|
+
```bash
|
|
257
|
+
semgrep --test
|
|
258
|
+
# Output: 1/1: ✓ All tests passed
|
|
259
|
+
# 1/1: ✓ All fix tests passed
|
|
260
|
+
```
|
|
261
|
+
|
|
262
|
+
## Configuration
|
|
263
|
+
|
|
264
|
+
### Configuration File
|
|
265
|
+
|
|
266
|
+
Semgrep doesn't require a central config file. Configuration is done via:
|
|
267
|
+
- Command-line flags
|
|
268
|
+
- Environment variables
|
|
269
|
+
- `.semgrepignore` for path exclusions
|
|
270
|
+
|
|
271
|
+
### Ignore Patterns
|
|
272
|
+
|
|
273
|
+
Create `.semgrepignore` in repository root:
|
|
274
|
+
|
|
275
|
+
```
|
|
276
|
+
# Ignore directories
|
|
277
|
+
tests/
|
|
278
|
+
vendor/
|
|
279
|
+
node_modules/
|
|
280
|
+
|
|
281
|
+
# Ignore file types
|
|
282
|
+
*.min.js
|
|
283
|
+
*.generated.go
|
|
284
|
+
|
|
285
|
+
# Include .gitignore patterns
|
|
286
|
+
:include .gitignore
|
|
287
|
+
```
|
|
288
|
+
|
|
289
|
+
### Suppressing False Positives
|
|
290
|
+
|
|
291
|
+
Add inline comments to suppress specific findings:
|
|
292
|
+
|
|
293
|
+
```python
|
|
294
|
+
# nosemgrep: rule-id
|
|
295
|
+
risky_function()
|
|
296
|
+
```
|
|
297
|
+
|
|
298
|
+
**Best practices:**
|
|
299
|
+
- Specify the exact rule ID (not generic `# nosemgrep`)
|
|
300
|
+
- Explain why the rule is disabled
|
|
301
|
+
- Report false positives to improve rules
|
|
302
|
+
|
|
303
|
+
### Metadata in Custom Rules
|
|
304
|
+
|
|
305
|
+
Include metadata for better context:
|
|
306
|
+
|
|
307
|
+
```yaml
|
|
308
|
+
rules:
|
|
309
|
+
- id: example-rule
|
|
310
|
+
metadata:
|
|
311
|
+
cwe: "CWE-89"
|
|
312
|
+
confidence: HIGH
|
|
313
|
+
likelihood: MEDIUM
|
|
314
|
+
impact: HIGH
|
|
315
|
+
subcategory: vuln
|
|
316
|
+
# ... rest of rule
|
|
317
|
+
```
|
|
318
|
+
|
|
319
|
+
## Advanced Usage
|
|
320
|
+
|
|
321
|
+
### Tips and Tricks
|
|
322
|
+
|
|
323
|
+
| Tip | Why It Helps |
|
|
324
|
+
|-----|--------------|
|
|
325
|
+
| Use `--time` flag | Identifies slow rules and files for optimization |
|
|
326
|
+
| Limit ellipsis usage | Reduces false positives and improves performance |
|
|
327
|
+
| Use `pattern-inside` for context | Creates clearer, more focused findings |
|
|
328
|
+
| Enable autocomplete | Speeds up command-line workflow |
|
|
329
|
+
| Use `focus-metavariable` | Highlights specific code locations in output |
|
|
330
|
+
|
|
331
|
+
### Scanning Non-Standard Extensions
|
|
332
|
+
|
|
333
|
+
Force language interpretation for unusual file extensions:
|
|
334
|
+
|
|
335
|
+
```bash
|
|
336
|
+
semgrep --config=/path/to/config --lang python --scan-unknown-extensions /path/to/file.xyz
|
|
337
|
+
```
|
|
338
|
+
|
|
339
|
+
### Dataflow Tracing
|
|
340
|
+
|
|
341
|
+
Use `--dataflow-traces` to understand how values flow to findings:
|
|
342
|
+
|
|
343
|
+
```bash
|
|
344
|
+
semgrep --dataflow-traces -f taint_rule.yml test.py
|
|
345
|
+
```
|
|
346
|
+
|
|
347
|
+
Example output:
|
|
348
|
+
|
|
349
|
+
```
|
|
350
|
+
Taint comes from:
|
|
351
|
+
test.py
|
|
352
|
+
2┆ data = get_user_input()
|
|
353
|
+
|
|
354
|
+
This is how taint reaches the sink:
|
|
355
|
+
test.py
|
|
356
|
+
3┆ return output(data)
|
|
357
|
+
```
|
|
358
|
+
|
|
359
|
+
### Polyglot File Scanning
|
|
360
|
+
|
|
361
|
+
Scan embedded languages (e.g., JavaScript in HTML):
|
|
362
|
+
|
|
363
|
+
```yaml
|
|
364
|
+
rules:
|
|
365
|
+
- id: eval-in-html
|
|
366
|
+
languages: [html]
|
|
367
|
+
message: eval in JavaScript
|
|
368
|
+
patterns:
|
|
369
|
+
- pattern: <script ...>$Y</script>
|
|
370
|
+
- metavariable-pattern:
|
|
371
|
+
metavariable: $Y
|
|
372
|
+
language: javascript
|
|
373
|
+
patterns:
|
|
374
|
+
- pattern: eval(...)
|
|
375
|
+
severity: WARNING
|
|
376
|
+
```
|
|
377
|
+
|
|
378
|
+
### Constant Propagation
|
|
379
|
+
|
|
380
|
+
Match instances where metavariables hold specific values:
|
|
381
|
+
|
|
382
|
+
```yaml
|
|
383
|
+
rules:
|
|
384
|
+
- id: high-value-check
|
|
385
|
+
languages: [python]
|
|
386
|
+
message: $X is higher than 1337
|
|
387
|
+
patterns:
|
|
388
|
+
- pattern: function($X)
|
|
389
|
+
- metavariable-comparison:
|
|
390
|
+
metavariable: $X
|
|
391
|
+
comparison: $X > 1337
|
|
392
|
+
severity: WARNING
|
|
393
|
+
```
|
|
394
|
+
|
|
395
|
+
### Autofix Feature
|
|
396
|
+
|
|
397
|
+
Add automatic fixes to rules:
|
|
398
|
+
|
|
399
|
+
```yaml
|
|
400
|
+
rules:
|
|
401
|
+
- id: ioutil-readdir-deprecated
|
|
402
|
+
languages: [golang]
|
|
403
|
+
message: ioutil.ReadDir is deprecated. Use os.ReadDir instead.
|
|
404
|
+
severity: WARNING
|
|
405
|
+
pattern: ioutil.ReadDir($X)
|
|
406
|
+
fix: os.ReadDir($X)
|
|
407
|
+
```
|
|
408
|
+
|
|
409
|
+
Preview fixes without applying:
|
|
410
|
+
|
|
411
|
+
```bash
|
|
412
|
+
semgrep -f rule.yaml --dryrun --autofix
|
|
413
|
+
```
|
|
414
|
+
|
|
415
|
+
Apply fixes:
|
|
416
|
+
|
|
417
|
+
```bash
|
|
418
|
+
semgrep -f rule.yaml --autofix
|
|
419
|
+
```
|
|
420
|
+
|
|
421
|
+
### Performance Optimization
|
|
422
|
+
|
|
423
|
+
Analyze performance:
|
|
424
|
+
|
|
425
|
+
```bash
|
|
426
|
+
semgrep --config=auto --time
|
|
427
|
+
```
|
|
428
|
+
|
|
429
|
+
Optimize rules:
|
|
430
|
+
1. Use `paths` to narrow file scope
|
|
431
|
+
2. Minimize ellipsis usage
|
|
432
|
+
3. Use `pattern-inside` to establish context first
|
|
433
|
+
4. Remove unnecessary metavariables
|
|
434
|
+
|
|
435
|
+
### Managing Third-Party Rules
|
|
436
|
+
|
|
437
|
+
Use [semgrep-rules-manager](https://github.com/iosifache/semgrep-rules-manager/) to collect third-party rules:
|
|
438
|
+
|
|
439
|
+
```bash
|
|
440
|
+
pip install semgrep-rules-manager
|
|
441
|
+
mkdir -p $HOME/custom-semgrep-rules
|
|
442
|
+
semgrep-rules-manager --dir $HOME/custom-semgrep-rules download
|
|
443
|
+
semgrep -f $HOME/custom-semgrep-rules
|
|
444
|
+
```
|
|
445
|
+
|
|
446
|
+
## CI/CD Integration
|
|
447
|
+
|
|
448
|
+
### GitHub Actions
|
|
449
|
+
|
|
450
|
+
#### Recommended Approach
|
|
451
|
+
|
|
452
|
+
1. Full scan on main branch with broad rulesets (scheduled)
|
|
453
|
+
2. Diff-aware scanning for pull requests with focused rules
|
|
454
|
+
3. Block PRs with unresolved findings (once mature)
|
|
455
|
+
|
|
456
|
+
#### Example Workflow
|
|
457
|
+
|
|
458
|
+
```yaml
|
|
459
|
+
name: Semgrep
|
|
460
|
+
on:
|
|
461
|
+
pull_request: {}
|
|
462
|
+
push:
|
|
463
|
+
branches: ["master", "main"]
|
|
464
|
+
schedule:
|
|
465
|
+
- cron: '0 0 1 * *' # Monthly
|
|
466
|
+
|
|
467
|
+
jobs:
|
|
468
|
+
semgrep-schedule:
|
|
469
|
+
if: ((github.event_name == 'schedule' || github.event_name == 'push' || github.event.pull_request.merged == true)
|
|
470
|
+
&& github.actor != 'dependabot[bot]')
|
|
471
|
+
name: Semgrep default scan
|
|
472
|
+
runs-on: ubuntu-latest
|
|
473
|
+
container:
|
|
474
|
+
image: returntocorp/semgrep
|
|
475
|
+
steps:
|
|
476
|
+
- name: Checkout main repository
|
|
477
|
+
uses: actions/checkout@v4
|
|
478
|
+
- run: semgrep ci
|
|
479
|
+
env:
|
|
480
|
+
SEMGREP_RULES: p/default
|
|
481
|
+
|
|
482
|
+
semgrep-pr:
|
|
483
|
+
if: (github.event_name == 'pull_request' && github.actor != 'dependabot[bot]')
|
|
484
|
+
name: Semgrep PR scan
|
|
485
|
+
runs-on: ubuntu-latest
|
|
486
|
+
container:
|
|
487
|
+
image: returntocorp/semgrep
|
|
488
|
+
steps:
|
|
489
|
+
- uses: actions/checkout@v4
|
|
490
|
+
- run: semgrep ci
|
|
491
|
+
env:
|
|
492
|
+
SEMGREP_RULES: >
|
|
493
|
+
p/cwe-top-25
|
|
494
|
+
p/owasp-top-ten
|
|
495
|
+
p/r2c-security-audit
|
|
496
|
+
p/trailofbits
|
|
497
|
+
```
|
|
498
|
+
|
|
499
|
+
#### Adding Custom Rules in CI
|
|
500
|
+
|
|
501
|
+
**Rules in same repository:**
|
|
502
|
+
|
|
503
|
+
```yaml
|
|
504
|
+
env:
|
|
505
|
+
SEMGREP_RULES: p/default custom-semgrep-rules-dir/
|
|
506
|
+
```
|
|
507
|
+
|
|
508
|
+
**Rules in private repository:**
|
|
509
|
+
|
|
510
|
+
```yaml
|
|
511
|
+
env:
|
|
512
|
+
SEMGREP_PRIVATE_RULES_REPO: semgrep-private-rules
|
|
513
|
+
steps:
|
|
514
|
+
- name: Checkout main repository
|
|
515
|
+
uses: actions/checkout@v4
|
|
516
|
+
- name: Checkout private custom Semgrep rules
|
|
517
|
+
uses: actions/checkout@v4
|
|
518
|
+
with:
|
|
519
|
+
repository: ${{ github.repository_owner }}/${{ env.SEMGREP_PRIVATE_RULES_REPO }}
|
|
520
|
+
token: ${{ secrets.SEMGREP_RULES_TOKEN }}
|
|
521
|
+
path: ${{ env.SEMGREP_PRIVATE_RULES_REPO }}
|
|
522
|
+
- run: semgrep ci
|
|
523
|
+
env:
|
|
524
|
+
SEMGREP_RULES: ${{ env.SEMGREP_PRIVATE_RULES_REPO }}
|
|
525
|
+
```
|
|
526
|
+
|
|
527
|
+
### Testing Rules in CI
|
|
528
|
+
|
|
529
|
+
```yaml
|
|
530
|
+
name: Test Semgrep rules
|
|
531
|
+
|
|
532
|
+
on: [push, pull_request]
|
|
533
|
+
|
|
534
|
+
jobs:
|
|
535
|
+
semgrep-test:
|
|
536
|
+
runs-on: ubuntu-latest
|
|
537
|
+
steps:
|
|
538
|
+
- uses: actions/checkout@v4
|
|
539
|
+
- uses: actions/setup-python@v4
|
|
540
|
+
with:
|
|
541
|
+
python-version: "3.11"
|
|
542
|
+
cache: "pip"
|
|
543
|
+
- run: python -m pip install -r requirements.txt
|
|
544
|
+
- run: semgrep --test --test-ignore-todo ./path/to/rules/
|
|
545
|
+
```
|
|
546
|
+
|
|
547
|
+
## Common Mistakes
|
|
548
|
+
|
|
549
|
+
| Mistake | Why It's Wrong | Correct Approach |
|
|
550
|
+
|---------|----------------|------------------|
|
|
551
|
+
| Using `--config auto` on private code | Sends metadata to Semgrep servers | Use `--metrics=off` or specific rulesets |
|
|
552
|
+
| Forgetting `.semgrepignore` | Scans excluded directories like `/vendor` | Create `.semgrepignore` file |
|
|
553
|
+
| Not testing rules with false positives | Rules generate noise | Add `# ok:` test cases |
|
|
554
|
+
| Using generic `# nosemgrep` | Makes code review harder | Use `# nosemgrep: rule-id` with explanation |
|
|
555
|
+
| Overusing ellipsis `...` | Degrades performance and accuracy | Use specific patterns when possible |
|
|
556
|
+
| Not including metadata in rules | Makes triage difficult | Add CWE, confidence, impact fields |
|
|
557
|
+
|
|
558
|
+
## Limitations
|
|
559
|
+
|
|
560
|
+
- **Single-file analysis:** Cannot track data flow across files without Semgrep Pro Engine
|
|
561
|
+
- **No build required:** Cannot analyze compiled code or resolve dynamic dependencies
|
|
562
|
+
- **Pattern-based:** May miss vulnerabilities requiring deep semantic understanding
|
|
563
|
+
- **Limited taint tracking:** Complex taint analysis is still evolving
|
|
564
|
+
- **Custom frameworks:** In-house proprietary frameworks may not be well-supported
|
|
565
|
+
|
|
566
|
+
## Related Skills
|
|
567
|
+
|
|
568
|
+
| Skill | When to Use Together |
|
|
569
|
+
|-------|---------------------|
|
|
570
|
+
| **codeql** | For cross-file taint tracking and complex data flow analysis |
|
|
571
|
+
| **sarif-parsing** | For processing Semgrep SARIF output in pipelines |
|
|
572
|
+
|
|
573
|
+
## Resources
|
|
574
|
+
|
|
575
|
+
### Key External Resources
|
|
576
|
+
|
|
577
|
+
**[Trail of Bits public Semgrep rules](https://github.com/trailofbits/semgrep-rules)**
|
|
578
|
+
Community-contributed Semgrep rules for security audits, with contribution guidelines and quality standards.
|
|
579
|
+
|
|
580
|
+
**[Semgrep Registry](https://semgrep.dev/explore)**
|
|
581
|
+
Official registry of Semgrep rules, searchable by language, framework, and security category.
|
|
582
|
+
|
|
583
|
+
**[Semgrep Playground](https://semgrep.dev/playground/new)**
|
|
584
|
+
Interactive online tool for writing and testing Semgrep rules. Use "simple mode" for easy pattern combination.
|
|
585
|
+
|
|
586
|
+
**[Learn Semgrep Syntax](https://semgrep.dev/learn)**
|
|
587
|
+
Comprehensive guide on Semgrep rule-writing fundamentals.
|
|
588
|
+
|
|
589
|
+
**[Trail of Bits Blog: How to introduce Semgrep to your organization](https://blog.trailofbits.com/2024/01/12/how-to-introduce-semgrep-to-your-organization/)**
|
|
590
|
+
Seven-step plan for organizational adoption of Semgrep, including pilot testing, evangelization, and CI/CD integration.
|
|
591
|
+
|
|
592
|
+
**[Trail of Bits Blog: Discovering goroutine leaks with Semgrep](https://blog.trailofbits.com/2021/11/08/discovering-goroutine-leaks-with-semgrep/)**
|
|
593
|
+
Real-world example of writing custom rules to detect Go-specific issues.
|
|
594
|
+
|
|
595
|
+
### Video Resources
|
|
596
|
+
|
|
597
|
+
- [Introduction to Semgrep - Trail of Bits Webinar](https://www.youtube.com/watch?v=yKQlTbVlf0Q)
|
|
598
|
+
- [Detect complex code patterns using semantic grep](https://www.youtube.com/watch?v=IFRp2Y3cqOw)
|
|
599
|
+
- [Semgrep part 1 - Embrace Secure Defaults, Block Anti-patterns and more](https://www.youtube.com/watch?v=EIjoqwT53E4)
|
|
600
|
+
- [Semgrep Weekly Wednesday Office Hours: Modifying Rules to Reduce False Positives](https://www.youtube.com/watch?v=VSL44ZZ7EvY)
|
|
601
|
+
- [Raining CVEs On WordPress Plugins With Semgrep | Nullcon Goa 2022](https://www.youtube.com/watch?v=RvKLn2ofMAo)
|