O

Semgrep Rules

COMMUNITY

A collection of my Semgrep rules to facilitate vulnerability research.

Downloads 0
Stars 813
Version 1.0.0
Quality 80/100 · Strong

Install with one command

$ npx skills add 0xdea/semgrep-rules

Best for

Coding agents

Discover skills for code generation, repository analysis, pull-request review, testing, debugging, and agentic software engineering.

Choose it when

  • You want a GitHub-backed skill with 813 stars.
  • You need a reusable install command for agents.
  • You want to compare it with related marketplace skills.

Check before install

  • Pushed 1mo ago
  • License: MIT
  • Review the repository README and examples.

Quality profile

Strong candidate for agent workflows

Solid option that is likely worth shortlisting for production workflows.

80
GitHub stars
813
Freshness
1mo ago
Install ready
Yes
License
MIT

Workflow fit

Use this skill in these scenarios

Build and ship code

Coding agents

I need a coding agent that can understand a repository, edit code, and review pull requests.

Manage repositories

GitHub automation

I need my agent to triage GitHub issues, review pull requests, and summarize repository changes.

Investigate faster

Research agents

I need my agent to research a topic, compare sources, and produce a concise report.

Stack fit

Add it to a complete workflow

Inspect, patch, and verify code

Coding review agent

A stack for software agents that inspect repositories, review pull requests, generate tests, and turn findings into shippable patches.

Find, compare, and synthesize

Research report agent

A stack for agents that gather sources, compare claims, summarize long material, and draft useful research briefs.

Ingest, retrieve, and cite

RAG knowledge base

A stack for document-heavy agents that ingest files, create searchable knowledge, retrieve relevant context, and answer with grounded sources.

Overview

A collection of my Semgrep rules to facilitate vulnerability research.

Imported by the skill-only GitHub discovery pipeline because it matches agent skill, automation, RAG, or developer-tool signals. Protocol-server projects are excluded from automated imports.

Platform Compatibility

cFULL
static-analysisFULL

Technical Details

Version
1.0.0
License
MIT
Last Updated
5/24/2026
Published
5/24/2026

Frameworks & Tools

CStatic Analysis

Install

Free and open source

Compare AlternativesView on GitHubDocumentation

Author

0

0xdea

@0xdea

Tags

static-analysiscode-qualitycode-reviewsemgrepsemgrep-rulesvulnerability-researchcgithub

Platform Fit

Claude Code

Health Signals

GitHub stars
813
Quality score
51/100
Last GitHub push
Apr 12, 2026
Framework hints
2

Community Signal

Share whether this skill looks useful for your agent workflow. Aggregated feedback improves rankings over time.

Trust & Safety

  • Open source (public GitHub repo)
  • AI static analysis passed
  • License: MIT

Related Skills

Gemini CLI

Bring a coding agent directly into the terminal

104.5K stars · 0 installs

System Prompts And Models Of AI Tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI, VSCode Agent, Warp.dev, Windsurf, Xcode, Z.ai Code, Dia & v0. (And other Open Sourced) System Prompts, Internal Tools & AI Models

138.2K stars · 0 installs

Antigravity Awesome Skills

A comprehensive library of over 1,273 agentic skills for various AI coding assistants, featuring clear documentation and installation instructions.

38.5K stars · 0 installs

Agent Skills

Agent Skills provides a structured approach for AI coding agents to follow production-grade engineering practices throughout the software development lifecycle.

45.2K stars · 0 installs