Technical & Development / Intermediate
semgrep-rule-creator
Create and refine Semgrep rules for vulnerability detection
Developer Setup
Setup & Installation
```bash
npx skills add https://github.com/trailofbits/skills --skill semgrep-rule-creator
```
Overview
What This Skill Does
Creates custom Semgrep rules for detecting security vulnerabilities and code patterns. Guides you through a test-first workflow: write tests, analyze the AST, write the rule, iterate until all tests pass. Supports both pattern matching and taint mode for data flow analysis.
Application
When to use this Skill
- Configuring integration settings for custom agent workflows.
- Optimizing query execution and response latency in production.
- Developing clean, standard-compliant implementations for enterprise services.
- Troubleshooting connection timeouts and authentication handshakes.
- Monitoring API rate limits and execution pipelines programmatically.
Documentation
Semgrep Rule Creator
Create production-quality Semgrep rules for detecting bug patterns and security vulnerabilities.
Author: Maciej Domanski
Skills Included
| Skill | Purpose |
|---|---|
| semgrep-rule-creator | Guide creation of custom Semgrep rules with testing |
When to Use
Use this skill when you need to:
- Create custom Semgrep rules for detecting specific bug patterns
- Write rules for security vulnerability detection
- Build taint mode rules for data flow analysis
- Develop pattern matching rules for code quality checks
What It Does
- Guides test-driven rule development (write tests first, then iterate)
- Analyzes AST structure to help craft precise patterns
- Supports both taint mode (data flow) and pattern matching approaches