sast-configuration
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install standard security tools, including Semgrep via the Python package registry and the CodeQL extension from GitHub's official repository. These references target well-known services and trusted organizations for their intended functionality.
- [COMMAND_EXECUTION]: Contains example shell commands for initializing SAST tools, such as running SonarQube via Docker and executing Semgrep scans. These are standard operational commands for the skill's purpose of setting up automated security testing.