security-scanning-security-sast
Fail
Audited by Socket on Mar 10, 2026
1 alert found:
Obfuscated File (HIGH): SKILL.md
The skill is largely coherent with its stated purpose of performing SAST across languages using recognized tools, with typical CI/CD integration and reporting workflows. There are no evident disallowed runtime actions or credential harvesting patterns in the provided configuration. The main risk stems from the general supply-chain risk of using multiple external tools and rule sets, but these are standard for SAST workflows when sourced from official registries and properly pinned. Overall, the footprint is Benign with MEDIUM securityRisk and LOW malware risk, assuming strict use of official tool sources, pinned versions, and secure CI configurations.
Confidence: 98%