Static application security testing (SAST) using Semgrep for vulnerability detection, security code review, and secure coding guidance with OWASP and CWE framework mapping. Use when: (1) Scanning code for security vulnerabilities across multiple languages, (2) Performing security code reviews with pattern-based detection, (3) Integrating SAST checks into CI/CD pipelines, (4) Providing remediation guidance with OWASP Top 10 and CWE mappings, (5) Creating custom security rules for organization-specific patterns, (6) Analyzing dependencies for known vulnerabilities.
/plugin marketplace add AgentSecOps/SecOpsAgentKit/plugin install appsec-skills@agent-sec-ops-kit-skillsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/ci_config_examples/github-actions.ymlassets/ci_config_examples/gitlab-ci.ymlassets/ci_config_examples/jenkins.groovyassets/rule_template.yamlassets/semgrep_config.yamlreferences/owasp_cwe_mapping.mdreferences/remediation_guide.mdreferences/rule_library.mdBuild robust backtesting systems for trading strategies with proper handling of look-ahead bias, survivorship bias, and transaction costs. Use when developing trading algorithms, validating strategies, or building backtesting infrastructure.