此内容尚未提供您的语言版本,正在以英文显示。

Semgrep Rule Variant Creator

插件活跃

Creates language variants of existing Semgrep rules with proper applicability analysis and test-driven validation

1 个 Skill 0 个 MCP

目的

To streamline the process of porting Semgrep rules across different programming languages, ensuring accuracy and comprehensive testing.

功能

Automated applicability analysis per language
Test-first rule creation workflow
Generates independent rule variants for multiple languages
Outputs structured rule and test files
Adaptation for language-specific idioms

使用场景

Porting existing Semgrep rules to new languages.
Expanding rule coverage across polyglot codebases.
Creating language-specific versions of vulnerability patterns.
Ensuring consistent security analysis across diverse language environments.

非目标

Creating new Semgrep rules from scratch.
Running existing Semgrep rules against code.
Providing generic code linting or formatting.

Trust

warning:Issues Attention13 issues opened and 4 closed in the last 90 days suggests maintainers are responding slowly to a moderate number of open issues.

Code Execution

info:ValidationInput validation for the Semgrep rule file path and target languages is not explicitly schema-driven, relying on Semgrep's internal validation.

安装

请先添加 Marketplace

/plugin marketplace add trailofbits/skills

/plugin install semgrep-rule-variant-creator@trailofbits

包含 1 个扩展

Skill (1)

Semgrep Rule Variant Creator 技能

Creates language variants of existing Semgrep rules. Use when porting a Semgrep rule to specified target languages. Takes an existing rule and target languages as input, produces independent rule+test directories for each language.

质量评分

94 /100

about 23 hours ago 分析

信任信号

最近提交3 days ago

GitHub 所有者 trailofbits

星标5.2k

许可证CC-BY-SA-4.0

状态

查看源代码

类似扩展

Semgrep Rule Creator

Create custom Semgrep rules for detecting bug patterns and security vulnerabilities

插件

trailofbits

C4 Architecture

Comprehensive C4 architecture documentation workflow with bottom-up code analysis, component synthesis, container mapping, and context diagram generation

插件

wshobson

Dimensional Analysis

Annotates codebases with dimensional analysis comments documenting units, dimensions, and decimal scaling. Use when someone asks to annotate units in a codebase, perform a dimensional analysis, or find vulnerabilities in a DeFi protocol. Prevents dimensional mismatches and catches formula bugs early.

插件

trailofbits

Ruflo Knowledge Graph

Knowledge graph construction — entity extraction, relation mapping, and pathfinder graph traversal

插件

ruvnet

Static Analysis

Static analysis toolkit with CodeQL, Semgrep, and SARIF parsing for security vulnerability detection

插件

trailofbits

Variant Analysis

Find similar vulnerabilities and bugs across codebases using pattern-based analysis

插件

trailofbits