sast-configuration

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the user to install 'semgrep' via pip and the 'gh-codeql' extension via the GitHub CLI. It also references an external repository for pre-commit hooks (github.com/returntocorp/semgrep). While these are official sources for the respective tools, the organizations are not within the explicitly defined 'Trusted Organizations' list, necessitating standard verification.
  • [COMMAND_EXECUTION] (LOW): The skill provides various shell commands for setting up environment tools, including pip install, docker run, and execution of a local script ./scripts/run-sast.sh. These commands are standard for tool setup but require user oversight as they interact with the host system.
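The "standard verification" the audit calls for is left to the user. As an added example, not part of this audit or of the sast-configuration skill, the POSIX shell below refuses to proceed unless each external dependency the audit lists is pinned to something immutable: the pre-commit hook repository to a full commit SHA, the pip requirement to a sha256 hash usable with `pip install --require-hashes`, and the container image to a digest. The configs, requirement lines, hash and digest are constructed samples, the function names are the example's own, and the gh-codeql extension is not covered because there is no equivalent local pin to check before `gh extension install` runs.

```sh
#!/bin/sh
# Added example, not part of the audit or the audited skill: checks on the
# skill's dependency declarations that run before pip, pre-commit or docker
# touch the host. All inputs below are constructed samples.

# Constructed pre-commit configs: one pins the semgrep hook repo to a
# mutable tag, the other to a (made-up) 40-hex commit SHA.
PRECOMMIT_TAG='repos:
  - repo: https://github.com/returntocorp/semgrep
    rev: v1.0.0
    hooks:
      - id: semgrep'
PRECOMMIT_PINNED='repos:
  - repo: https://github.com/returntocorp/semgrep
    rev: "0123456789abcdef0123456789abcdef01234567"
    hooks:
      - id: semgrep'

# Constructed pip requirement lines: one bare, one carrying a (made-up)
# sha256 hash so that `pip install --require-hashes -r ...` can enforce it.
REQ_BARE='semgrep==1.0.0'
REQ_HASHED='semgrep==1.0.0 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000'

# Succeed only if every `rev:` in the config is a full commit SHA.
# A tag or branch can be moved after the audit; a commit SHA cannot.
precommit_revs_pinned() {
    status=0
    revs=$(printf '%s\n' "$1" | sed -n 's/^[[:space:]]*rev:[[:space:]]*//p' | tr -d "\"'")
    [ -n "$revs" ] || return 1          # no rev at all is also unpinned
    for v in $revs; do
        case "$v" in
            *[!0-9a-f]*) status=1 ;;    # contains non-hex: tag or branch name
            *) [ "${#v}" -eq 40 ] || status=1 ;;
        esac
    done
    return $status
}

# Succeed only if every non-comment requirement line carries a sha256 hash,
# so a substituted wheel is rejected by pip rather than installed.
requirements_hashed() {
    printf '%s\n' "$1" | while IFS= read -r line; do
        case "$line" in
            ''|'#'*) ;;                 # blank or comment line
            *--hash=sha256:*) ;;
            *) exit 1 ;;                # exits the subshell, failing the pipeline
        esac
    done
}

# Succeed only if the image reference for `docker run` is pinned by digest;
# a bare tag such as :latest can be re-pointed at a different image.
image_pinned_by_digest() {
    case "$1" in
        *@sha256:*) return 0 ;;
        *) return 1 ;;
    esac
}

# Gate all three before running any of the skill's setup commands.
verify_all() {
    precommit_revs_pinned "$1" && requirements_hashed "$2" && image_pinned_by_digest "$3"
}

# Constructed image reference: real image name, made-up digest.
IMAGE_PINNED='returntocorp/semgrep@sha256:0000000000000000000000000000000000000000000000000000000000000000'

if verify_all "$PRECOMMIT_PINNED" "$REQ_HASHED" "$IMAGE_PINNED"; then
    echo "all external dependencies pinned: ok to run setup"
else
    echo "unpinned external dependency found: refusing to run setup" >&2
fi
```

The pre-commit check reads `rev:` values directly from the YAML text rather than relying on `pre-commit autoupdate`, which by design resolves to tags; the requirements check matches what `--require-hashes` enforces, so a file that passes here will also fail pip if any wheel is swapped. None of this replaces reviewing `./scripts/run-sast.sh` itself, which the audit flags separately.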
Audit Metadata
Risk Level
LOW
Analyzed
Feb 15, 2026, 03:59 PM