此内容尚未提供您的语言版本,正在以英文显示。

CodeQL Static Analysis

技能已验证活跃

Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. Triggers on "run codeql", "codeql scan", "codeql analysis", "build codeql database", or "find vulnerabilities with codeql". Supports "run all" (security-and-quality + security-experimental suites) and "important only" (high-precision security findings) scan modes. Also handles creating data extension models and processing CodeQL SARIF output.

目的

To enable users to conduct in-depth security vulnerability scans on codebases using CodeQL's powerful static analysis capabilities.

功能

CodeQL database creation and management
Data extension modeling for custom APIs
Security analysis with taint tracking
Support for multiple programming languages
Processing of CodeQL SARIF output

使用场景

Scanning codebases for security vulnerabilities using deep data flow analysis
Performing comprehensive security audits with multiple query packs
Building CodeQL databases from source code, including for compiled languages
Finding complex vulnerabilities that require interprocedural taint tracking

非目标

Writing custom CodeQL queries (use a dedicated query development skill)
Direct CI/CD integration (refer to GitHub Actions documentation)
Quick pattern searches (use Semgrep or grep for speed)
Lightweight analysis of single files (Semgrep is faster for simple pattern matching)

工作流

Discover or resolve output directory
Build CodeQL database
Create data extensions (if applicable)
Run CodeQL analysis with selected query suites
Process and filter SARIF results

实践

Code quality assessment
Security analysis
Data flow analysis
Build system integration

先决条件

CodeQL CLI installed and available on PATH
Sufficient disk space for database and analysis artifacts
Appropriate build tools for the target language (if building a database for compiled languages)

安装

请先添加 Marketplace

/plugin marketplace add trailofbits/skills

/plugin install static-analysis@trailofbits

质量评分

已验证

99 /100

1 day ago 分析

信任信号

最近提交3 days ago

GitHub 所有者 trailofbits

星标5.2k

许可证CC-BY-SA-4.0

状态

查看源代码

类似扩展

Semgrep Rule Creator

100

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

技能

trailofbits

Fp Check

Systematically verifies suspected security bugs to eliminate false positives. Produces TRUE POSITIVE or FALSE POSITIVE verdicts with documented evidence for each bug.

技能

trailofbits

Constant Time Analysis

Detects timing side-channel vulnerabilities in cryptographic code. Use when implementing or reviewing crypto code, encountering division on secrets, secret-dependent branches, or constant-time programming questions in C, C++, Go, Rust, Swift, Java, Kotlin, C#, PHP, JavaScript, TypeScript, Python, or Ruby.

技能

trailofbits

Variant Analysis

Find similar vulnerabilities and bugs across codebases using pattern-based analysis. Use when hunting bug variants, building CodeQL/Semgrep queries, analyzing security vulnerabilities, or performing systematic code audits after finding an initial issue.

技能

trailofbits

Semgrep

Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Automatically detects and uses Semgrep Pro for cross-file taint analysis when available. Use when asked to scan code for vulnerabilities, run a security audit with Semgrep, find bugs, or perform static analysis. Spawns parallel workers for multi-language codebases.

技能

trailofbits

Janitor Usage

100

显示您使用的技能以及从未使用过的技能

技能

khendzel