git log --oneline --stat
HEAD
- Stars
- 4.2k
- Forks
- 258
- Updated
- Jun 24, 2026
repo --stat
stars
4.2k
forks
258
last update
Jun 24, 2026
license
MITv1.3.0
quickstart.sh
3 steps
- Install
// Drops SKILL.md into ~/.claude/skills/
$ claude skills add semgrep-appsec - Invoke
// Run from any project directory
$ claude --skill semgrep-appsec "wire up a GitHub Actions deploy" - Iterate
// Re-run with edits — Claude keeps the skill loaded
$ claude --skill semgrep-appsec "now refactor it"
semgrep-appsec/
references
- references/
- SKILL.mdopen
- README.mdopen
SKILL.md
readonly
- name:
- Semgrep AppSec Pro
- slug:
- semgrep-appsec
- version:
- v1.3.0
- license:
- MIT
- author:
- @semgrep-craft
- repository:
- github.com/semgrep-craft/semgrep-appsec
- categories:
- tags:
- #semgrep#sast#appsec#supply-chain#taint-analysis
- description:
Semgrep SAST and supply-chain SCA — custom rules, taint mode, reachability, PR scanning, OWASP triage.
features.md
3 capabilities
// What you can do with it
- Automates the tedious parts of the workflow.
- Gives Claude the right context, tools, and guardrails.
- Produces consistent, reviewable output every time.
README.md
semgrep-appsec/README.md
5 sections
Loading README…
$ cat reviews/
Reviews
// No reviews yet. Be the first.
Loading review form…