semgrep-rule-variant-creator
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is to guide the creation of Semgrep rule variants. All instructions and examples follow standard security research practices.
- [COMMAND_EXECUTION]: The skill mentions the use of the
semgrepcommand-line tool for legitimate tasks such as AST inspection (--dump-ast), rule validation (--validate), and testing (--test). These commands are used with local files and are standard for the described workflow. - [EXTERNAL_DOWNLOADS]: The skill contains references to official documentation on
semgrep.devandappsec.guide. These are well-known, trusted sources for security documentation and do not involve automated execution of remote code.
Audit Metadata