Semgrep Rule Creator

Plugin Active
Part of: Trailofbits

Create custom Semgrep rules for detecting bug patterns and security vulnerabilities

1 Skill 0 MCPs
Purpose

To empower users to create precise and effective custom Semgrep rules for enhancing code security and quality through a guided, test-driven process.

Features

  • Guided custom Semgrep rule development
  • Test-driven rule creation methodology
  • AST structure analysis support
  • Taint mode and pattern matching rule types
  • References to comprehensive Semgrep documentation

Use cases

  • Creating specific Semgrep rules for bug patterns
  • Developing rules for security vulnerability detection
  • Building taint mode rules for data flow analysis
  • Enforcing custom coding standards with Semgrep

Non-goals

  • Running existing Semgrep rulesets
  • General static analysis without custom rule creation
  • Replacing the need for Semgrep installation

Trust

  • Warning (Issues Attention): 13 issues opened and 4 closed in the last 90 days, indicating a low closure rate and potentially slow maintainer response.

Installation

Add the marketplace first

/plugin marketplace add trailofbits/skills
/plugin install semgrep-rule-creator@trailofbits

Quality score

79/100
Analyzed about 17 hours ago

Trust signals

Last commit: 3 days ago
Stars: 5.2k
License: CC-BY-SA-4.0
Status

Similar extensions

Semgrep Rule Variant Creator

94

Creates language variants of existing Semgrep rules with proper applicability analysis and test-driven validation

Plugin
trailofbits

Static Analysis

93

Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection

Plugin
trailofbits

Karpathy Coder

100

Active coding discipline enforcer based on Karpathy's 4 principles: surface assumptions, keep it simple, make surgical changes, define verifiable goals. Ships 4 Python tools (complexity_checker, diff_surgeon, assumption_linter, goal_verifier), a review agent, /karpathy-check slash command, and a pre-commit hook. All tools stdlib-only.

Plugin
alirezarezvani

Autoresearch Agent

100

Autonomous experiment loop that optimizes any file by a measurable metric. 5 slash commands, 8 evaluators, configurable loop intervals (10min to monthly).

Plugin
alirezarezvani

Trailmark Plugin

96

Builds multi-language source code graphs for security analysis: call graphs, attack surface mapping, blast radius, taint propagation, complexity hotspots, and entry point enumeration. Generates Mermaid diagrams (call graphs, class hierarchies, dependency maps, heatmaps). Compares code graph snapshots for structural diff and evolution analysis. Runs graph-informed mutation testing triage (genotoxic). Generates mutation-driven test vectors (vector-forge). Extracts crypto protocol message flows and converts Mermaid diagrams to ProVerif models. Projects SARIF and weAudit findings onto code graphs. Use when analyzing call paths, mapping attack surface, visualizing code architecture, triaging survived mutants, generating cryptographic test vectors, diagramming crypto protocols, formally verifying protocols, or augmenting audits with static analysis findings.

Plugin
trailofbits

Variant Analysis

79

Find similar vulnerabilities and bugs across codebases using pattern-based analysis

Plugin
trailofbits