codeql
trailofbits · Development
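A detailed usage guide for the CodeQL static analysis tool, which treats code as a database that can be queried for complex patterns. It covers installation, database creation, query execution, and CI/CD integration, and clearly distinguishes the scenarios where CodeQL fits from those better served by alternatives such as Semgrep.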
Run CodeQL static analysis for security vulnerability detection, taint tracking, and data flow analysis. Use when asked to analyze code with CodeQL, create CodeQL databases, write custom QL queries, perform security audits, or set up CodeQL in CI/CD pipelines.
npx skills add https://github.com/trailofbits/skills --skill codeql
Stars 5680 · Installs 4795