install
source · Clone the upstream repo
git clone https://github.com/ComeOnOliver/skillshub
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ComeOnOliver/skillshub "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/elizaOS/eliza/static-analysis" ~/.claude/skills/comeonoliver-skillshub-static-analysis && rm -rf "$T"
manifest:
skills/elizaOS/eliza/static-analysis/SKILL.md
source content
Static Analysis
Comprehensive static analysis toolkit for security vulnerability detection, based on the Trail of Bits Application Security Testing Handbook.
When to Use
- Running security scans on codebases (any language)
- Writing custom CodeQL queries, or adapting existing Semgrep rules (rules written from scratch are out of scope, see below)
- Processing and triaging SARIF output files from analysis tools
- Setting up static analysis in CI/CD pipelines
- Comparing and aggregating results from multiple tools
When NOT to Use
- Writing Semgrep rules from scratch (use semgrep-rule-creator skill instead)
- Dynamic analysis or fuzzing (use testing-handbook-skills)
- Smart contract auditing (use security-building-secure-contracts)
Sub-Skills
| Tool | Purpose | Best For | Skill Path |
|---|---|---|---|
| CodeQL | Semantic code analysis with database queries | Deep data flow tracking, taint analysis, cross-function analysis | skills/codeql/SKILL.md |
| Semgrep | Fast pattern-matching static analysis | Quick scans, custom rules, CI integration, lightweight checks | skills/semgrep/SKILL.md |
| SARIF Parsing | Parse and process SARIF result files | Aggregating results, CI/CD integration, multi-tool triage | skills/sarif-parsing/SKILL.md |
Tool Selection Guide
| Scenario | Recommended Tool |
|---|---|
| Quick security scan | Semgrep |
| Deep vulnerability analysis | CodeQL |
| Data flow / taint tracking | CodeQL (best) or Semgrep taint mode |
| Custom pattern detection | Semgrep (simpler) or CodeQL (more powerful) |
| CI/CD integration | Semgrep (fastest) + CodeQL (thorough) |
| Processing scan results | SARIF Parsing |
| Non-building codebase | Semgrep (works on incomplete code; CodeQL needs a successful build for compiled languages) |
Quick Start
Semgrep (fast scan)
```bash
# Install
pip install semgrep

# Run with recommended rulesets
semgrep --config=auto .

# Run specific ruleset
semgrep --config=p/security-audit .
```
CodeQL (deep analysis)
```bash
# Create database
codeql database create mydb --language=python --source-root=.

# Run security queries
codeql database analyze mydb codeql/python-queries:codeql-suites/python-security-extended.qls --format=sarif-latest --output=results.sarif
```
SARIF Processing
```bash
# Parse results with jq
jq '.runs[].results[] | {ruleId, message: .message.text, location: .locations[0].physicalLocation.artifactLocation.uri}' results.sarif
```
Workflow
- Quick scan with Semgrep for fast results
- Deep analysis with CodeQL for thorough coverage
- Aggregate results using SARIF parsing
- Triage findings by severity and exploitability
- Custom rules for project-specific patterns
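The aggregate-and-triage steps above (and the SARIF Processing quick start) as an added Python example; this is not the skill's own code and not part of Semgrep or CodeQL. It merges the SARIF runs of both tools, keys findings by file and line so that one sink flagged by both tools becomes a single corroborated entry, and orders the list by severity. The severity comes from the `security-severity` rule property that CodeQL emits; the fallback table from SARIF `level` to a number, the two SARIF documents, and their rule IDs and file paths are constructed for illustration.

```python
"""Merge SARIF output from several analyzers into one ordered triage list.
Added example: keys findings by file:line, corroborates across tools,
and sorts by severity (security-severity property, else level)."""
import json
from dataclasses import dataclass, field
from typing import Iterable, List, Optional, Tuple

# Fallback score per SARIF `level` (assumption: SARIF defines only the names).
# Used when the rule carries no `security-severity` property.
LEVEL_SCORE = {"error": 8.0, "warning": 5.0, "note": 2.0, "none": 0.0}


@dataclass
class Finding:
    uri: str
    line: int
    severity: float = 0.0
    tools: set = field(default_factory=set)
    rule_ids: set = field(default_factory=set)
    messages: list = field(default_factory=list)

    @property
    def corroborated(self) -> bool:
        """True when more than one tool reported this exact location."""
        return len(self.tools) > 1


def rule_severity(run: dict, result: dict) -> float:
    """Severity for one result: the rule's `security-severity` (CodeQL emits
    it) when present, otherwise a score derived from the result level."""
    rules = run.get("tool", {}).get("driver", {}).get("rules", [])
    idx = result.get("ruleIndex")
    if isinstance(idx, int) and 0 <= idx < len(rules):
        rule = rules[idx]
    else:  # no usable ruleIndex: match on ruleId instead
        rule = next((r for r in rules if r.get("id") == result.get("ruleId")), {})
    sev = rule.get("properties", {}).get("security-severity")
    try:
        return float(sev)
    except (TypeError, ValueError):
        return LEVEL_SCORE.get(result.get("level", "warning"), 5.0)  # SARIF default level is warning


def first_location(result: dict) -> Optional[Tuple[str, int]]:
    """(uri, startLine) of the first physical location, or None if absent."""
    for loc in result.get("locations", []):
        phys = loc.get("physicalLocation", {})
        uri = phys.get("artifactLocation", {}).get("uri")
        if uri:
            return uri, int(phys.get("region", {}).get("startLine", 0))
    return None


def aggregate(docs: Iterable[dict]) -> List[Finding]:
    """Merge every run of every document; the highest severity wins per location."""
    merged = {}
    for doc in docs:
        for run in doc.get("runs", []):
            tool = run.get("tool", {}).get("driver", {}).get("name", "unknown")
            for result in run.get("results", []):
                loc = first_location(result)
                if loc is None:
                    continue  # no file:line, cannot be triaged by location
                f = merged.setdefault(loc, Finding(uri=loc[0], line=loc[1]))
                f.tools.add(tool)
                f.rule_ids.add(result.get("ruleId", "?"))
                f.messages.append(result.get("message", {}).get("text", ""))
                f.severity = max(f.severity, rule_severity(run, result))
    # Most severe first; among equals, findings seen by more tools first.
    return sorted(merged.values(), key=lambda f: (-f.severity, -len(f.tools), f.uri, f.line))


def aggregate_files(paths: Iterable[str]) -> List[Finding]:
    """Same as aggregate(), reading SARIF files such as results.sarif from disk."""
    docs = []
    for p in paths:
        with open(p, encoding="utf-8") as fh:
            docs.append(json.load(fh))
    return aggregate(docs)


def _result(rule_id, level, uri, line, text, **extra):
    """Build one SARIF 2.1.0 result object for the constructed samples."""
    r = {"ruleId": rule_id, "level": level, "message": {"text": text},
         "locations": [{"physicalLocation": {"artifactLocation": {"uri": uri},
                                             "region": {"startLine": line}}}]}
    r.update(extra)
    return r


# Constructed sample documents: SARIF 2.1.0 shape, made-up rule IDs and paths.
SAMPLE_SEMGREP = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "Semgrep", "rules": []}},
    "results": [
        _result("python.lang.security.audit.eval-detected", "warning", "app/views.py", 42, "eval() on request data"),
        _result("python.django.security.injection.sql", "error", "app/db.py", 17, "string-built SQL query")]}]}
SAMPLE_CODEQL = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "CodeQL", "rules": [
        {"id": "py/code-injection", "properties": {"security-severity": "9.8"}},
        {"id": "py/clear-text-logging-sensitive-data", "properties": {"security-severity": "7.5"}}]}},
    "results": [
        _result("py/code-injection", "error", "app/views.py", 42, "user input flows to eval", ruleIndex=0),
        _result("py/clear-text-logging-sensitive-data", "error", "app/auth.py", 88, "password logged", ruleIndex=1)]}]}


if __name__ == "__main__":
    for f in aggregate([SAMPLE_SEMGREP, SAMPLE_CODEQL]):
        print(f"{f.severity:4.1f} {f.uri}:{f.line} {sorted(f.rule_ids)} {'CORROBORATED' if f.corroborated else ''}")
```

Run it as a script to see the constructed input ranked, or call `aggregate_files(["semgrep.sarif", "results.sarif"])` on real output from the quick-start commands. Keying on file:line is deliberately coarse: it will not merge a CodeQL source-to-sink path whose reported location differs from Semgrep's pattern match, but it surfaces the findings two independent tools agree on first, which is usually the right order for the exploitability pass.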
Related Skills
- semgrep-rule-creator - Dedicated skill for writing production-quality Semgrep rules
- variant-analysis - Find similar vulnerabilities using CodeQL/Semgrep patterns
- security-differential-review - Security-focused code review using static analysis findings