trailofbits-semgrep
Trail of Bits security skill to run Semgrep for pattern-based static analysis of code.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for trailofbits-semgrep, derived from its capabilities.
AIVSS 7.3 · High
Overview
Security skill from Trail of Bits that drives Semgrep to scan code for vulnerable patterns. Runs Semgrep and interprets findings; part of the static-analysis plugin with bundled configuration and guidance.
Key features
- Semgrep scanning
- Pattern-based detection
- Finding interpretation
Use cases
- Static security review
- Detecting known bug patterns