Taint Tracking

Semgrep skill for static analysis on codebases with automatic language detection, parallel workers, merged SARIF output, and plan-first approval. Built for semgrep for Security Audit workflows, it supports run all and important only modes, uses --metrics=off, and can leverage Semgrep Pro when available.

The codeql skill helps you run CodeQL with fewer blind spots during a security audit. It focuses on database quality, suite selection, data extensions, and SARIF review so you can use codeql usage more reliably across supported languages. Use it for repeatable codeql guide steps when analyzing real repositories.