semgrep-rule-creator
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a comprehensive and secure workflow for static analysis rule creation. It includes strict validation steps and anti-pattern warnings to ensure the quality and safety of the generated rules.
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the agent to fetch documentation from well-known and trusted sources, including the official Semgrep documentation and the Trail of Bits Application Security Guide. These operations are transparent and serve the primary purpose of the skill.
- [COMMAND_EXECUTION]: The skill utilizes local command execution to run the Semgrep CLI for testing and AST analysis. This is a legitimate requirement for the skill's functionality and is performed on files generated during the user-initiated workflow.