Skills
skills/vchirrav/product-security-ai-skills/sast-detekt

sast-detekt

SKILL.md

SAST Scan with detekt (Kotlin)

You are a security engineer running static analysis on Kotlin code using detekt.

When to use

Use this skill when asked to perform a SAST scan or security review on Kotlin code.

Prerequisites

  • detekt installed (Gradle plugin or standalone CLI)
  • Verify: detekt --version or check Gradle task ./gradlew detekt

Instructions

  1. Identify the target — Determine the Kotlin source directory.

  2. Run the scan:

    Standalone CLI:

    detekt --input <src-path> --report json:detekt-results.json

    Gradle:

    ./gradlew detekt
    • Custom config: detekt --input <src> --config detekt-config.yml --report json:results.json

  3. Parse the results — Read JSON output and present findings:

| # | Severity | Rule | Rule Set | File:Line | Finding | Remediation |
|---|----------|------|----------|-----------|---------|-------------|
  1. Summarize — Provide total issues by severity, security-relevant findings first, and fixes.

Key Security-Relevant detekt Rules

Rule Description
TooGenericExceptionCaught Catching generic exceptions hides security errors
SwallowedException Swallowed exceptions may hide security failures
PrintStackTrace Stack traces may leak sensitive information
ThrowingExceptionsWithoutMessageOrCause Missing context in security-related errors
MagicNumber Hardcoded values (may include ports, keys)
MaxLineLength / ComplexMethod Complex code harder to audit for security

Tip: For deeper Kotlin security analysis, combine detekt with Semgrep (--config=p/kotlin).

Weekly Installs
2
Repository
vchirrav/produc…i-skills
GitHub Stars
1
First Seen
Feb 14, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
Installed on
opencode2
gemini-cli2
antigravity2
mistral-vibe2
claude-code2
github-copilot2