
semgrep / skills
★ 232A skill package that teaches your agent 3 capabilities — every one documented and browsable below, no GitHub required · by semgrep.
Each skill below is one capability this package teaches your agent. Install the whole package, or open a skill to install just that one.
Security guidelines for writing secure code. Use when writing code, reviewing code for vulnerabilities, or asking about secure coding practices like 'check for…
35 files — installable on its own
Security guidelines for LLM applications based on OWASP Top 10 for LLM 2025. Use when building LLM apps, reviewing AI security, implementing RAG systems, or…
15 files — installable on its own
Run Semgrep static analysis scans and create custom detection rules. Use when asked to scan code with Semgrep, find security vulnerabilities, write custom YAML…
5 files — installable on its own
Agent Skills [Beta]
A collection of skills for AI coding agents. Skills are packaged instructions and scripts that extend agent capabilities. This should be considered beta-level software; it's primarily generated by transforming open-source Semgrep rules into skill format.
Skills follow the Agent Skills format.
Installation
npx skills add semgrep/skillsAvailable Skills
code-security
Comprehensive code security guidelines from Semgrep Engineering covering OWASP Top 10, infrastructure security, and secure coding best practices across 15+ languages.
Use when:
- Writing new code
- Reviewing code for security vulnerabilities
- Asking about secure coding practices
- Configuring cloud infrastructure (Terraform, Kubernetes, Docker)
Categories covered:
| Impact | Category | Description |
|---|---|---|
| Critical | SQL Injection | Parameterized queries, ORM safety |
| Critical | Command Injection | Shell command safety, input validation |
| Critical | Cross-Site Scripting (XSS) | Output encoding, DOM safety |
| Critical | XML External Entity (XXE) | XML parser configuration |
| Critical | Path Traversal | File path validation |
| Critical | Insecure Deserialization | Safe deserialization patterns |
| Critical | Code Injection | Eval safety, template injection |
| Critical | Hardcoded Secrets | Environment variables, secret management |
| Critical | Memory Safety | Buffer overflows, use-after-free (C/C++) |
| High | Insecure Cryptography | Strong hashing (SHA-256+), encryption (AES) |
| High | Insecure Transport | HTTPS, certificate validation, TLS |
| High | Server-Side Request Forgery | URL validation, allowlists |
| High | JWT Authentication | Signature verification, algorithm safety |
| High | Cross-Site Request Forgery | CSRF tokens, SameSite cookies |
| High | Prototype Pollution | Object key validation (JavaScript) |
| High | Unsafe Functions | Dangerous function alternatives |
| High | Terraform AWS | S3, IAM, EC2, RDS security |
| High | Terraform Azure | Storage, App Service, Key Vault |
| High | Terraform GCP | GCS, GCE, GKE, IAM |
| High | Kubernetes | Pod security, RBAC, secrets |
| High | Docker | Non-root containers, image pinning |
| High | GitHub Actions | Script injection, action pinning |
| Medium | Regex DoS | Catastrophic backtracking prevention |
| Medium | Race Conditions | TOCTOU, secure temp files |
| Medium | Code Correctness | Common bugs, type errors |
| Low | Best Practices | Code quality patterns |
| Low | Performance | Efficiency anti-patterns |
| Low | Maintainability | Code organization |
Languages: Python, JavaScript/TypeScript, Java, Go, Ruby, PHP, C/C++, C#, Scala, Kotlin, Rust, HCL (Terraform), YAML (Kubernetes)
llm-security
Security guidelines for LLM applications based on the OWASP Top 10 for Large Language Model Applications 2025.
Use when:
- Building LLM-powered applications
- Implementing RAG systems
- Securing AI/ML pipelines
- Reviewing code that interacts with language models
Categories covered:
| Impact | Category | Description |
|---|---|---|
| Critical | Prompt Injection | Input validation, content segregation, output filtering |
| Critical | Sensitive Information Disclosure | PII detection, permission-aware RAG |
| Critical | Supply Chain | Model verification, safetensors, ML-BOM |
| Critical | Data and Model Poisoning | Training data validation, anomaly detection |
| Critical | Improper Output Handling | Context-aware encoding, parameterized queries |
| High | Excessive Agency | Least privilege, human-in-the-loop |
| High | System Prompt Leakage | External guardrails, no secrets in prompts |
| High | Vector and Embedding Weaknesses | Permission-aware retrieval, tenant isolation |
| High | Misinformation | RAG, fact verification, confidence scoring |
| High | Unbounded Consumption | Rate limiting, budget controls |
Frameworks: OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF
semgrep
Run Semgrep static analysis scans and create custom detection rules for security vulnerabilities and bug patterns.
Use when:
- Running security scans with Semgrep
- Creating custom Semgrep rules
- Detecting specific vulnerability patterns
- Setting up Semgrep in CI/CD pipelines
Capabilities:
| Feature | Description |
|---|---|
| Quick Scans | Run semgrep --config auto or use curated rulesets |
| Rulesets | security-audit, owasp-top-ten, cwe-top-25, trailofbits |
| Custom Rules | Pattern matching and taint mode for data flow analysis |
| Test-Driven | Write test cases first with ruleid: and ok: annotations |
| CI/CD | GitHub Actions integration with diff-aware scanning |
Rule Creation Workflow:
- Analyze the vulnerability pattern
- Create test cases first (test-driven development)
- Analyze AST structure with
semgrep --dump-ast - Write the rule (taint mode for injection, pattern matching for syntax)
- Iterate until 100% tests pass
- Optimize patterns
When to use taint mode: SQL injection, command injection, XSS, path traversal, SSRF - any vulnerability where untrusted data flows to a dangerous sink.
Usage
Skills are automatically available once installed. The agent will use them when relevant tasks are detected.
Examples:
Review this React component for security issuesHelp me implement input validation for my LLM chat endpointCreate a Semgrep rule to detect hardcoded API keys in PythonDevelopment
Building Skills
make install # Install dependencies
make validate # Validate all skills
make build # Build AGENTS.md for all skills
make zip # Create distribution packages
make # All of the aboveSingle Skill Operations
make validate-skill SKILL=code-security
make build-skill SKILL=llm-securitySkill Structure
Each skill contains:
SKILL.md- Instructions for the agentrules/- Individual rule files (for skills with rules)scripts/- Helper scripts for automation (optional)references/- Supporting documentation (optional)
Acknowledgments
Originally created by @DrewDennison at Semgrep. This work was heavily inspired by Vercel's React Best Practices.
Install the whole package (3 skills):
npx skills add https://github.com/semgrep/skillsOr install a single skill:
npx skills add https://github.com/semgrep/skills --skill <name>Pick the skill name from the Skills tab — each entry there installs independently.