Skip to main content

Semgrep Rule Variant Creator

Plugin Active
Part of:Trailofbits

Creates language variants of existing Semgrep rules with proper applicability analysis and test-driven validation

1 Skill 0 MCPs
Purpose

To streamline the process of porting Semgrep rules across different programming languages, ensuring accuracy and comprehensive testing.

Features

  • Automated applicability analysis per language
  • Test-first rule creation workflow
  • Generates independent rule variants for multiple languages
  • Outputs structured rule and test files
  • Adaptation for language-specific idioms

Use Cases

  • Porting existing Semgrep rules to new languages.
  • Expanding rule coverage across polyglot codebases.
  • Creating language-specific versions of vulnerability patterns.
  • Ensuring consistent security analysis across diverse language environments.

Non-Goals

  • Creating new Semgrep rules from scratch.
  • Running existing Semgrep rules against code.
  • Providing generic code linting or formatting.

Trust

  • warning:Issues Attention13 issues opened and 4 closed in the last 90 days suggests maintainers are responding slowly to a moderate number of open issues.

Code Execution

  • info:ValidationInput validation for the Semgrep rule file path and target languages is not explicitly schema-driven, relying on Semgrep's internal validation.

Installation

First, add the marketplace

/plugin marketplace add trailofbits/skills
/plugin install semgrep-rule-variant-creator@trailofbits

Contains 1 extensions

Skill (1)

Semgrep Rule Variant Creator Skill

Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target languages. Takes an existing rule and target languages as input, produces independent rule+test directories for each language.

95

Quality Score

94 /100
Analyzed about 11 hours ago

Trust Signals

Last commit3 days ago
GitHub owner trailofbits (opens in new tab)
Stars5.2k
LicenseCC-BY-SA-4.0
Status
View Source

Similar Extensions

Semgrep Rule Creator

79

Create custom Semgrep rules for detecting bug patterns and security vulnerabilities

Plugin
trailofbits

C4 Architecture

99

Comprehensive C4 architecture documentation workflow with bottom-up code analysis, component synthesis, container mapping, and context diagram generation

Plugin
wshobson

Dimensional Analysis

99

Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when someone asks to annotate units in a codebase, perform a dimensional analysis, or find vulnerabilities in a DeFi protocol. Prevents dimensional mismatches and catches formula bugs early.

Plugin
trailofbits

Ruflo Knowledge Graph

99

Knowledge graph construction — entity extraction, relation mapping, and pathfinder graph traversal

Plugin
ruvnet

Static Analysis

93

Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection

Plugin
trailofbits

Variant Analysis

79

Find similar vulnerabilities and bugs across codebases using pattern-based analysis

Plugin
trailofbits

© 2025 SkillRepo · Find the right skill, skip the noise.