by utkusen · Agent Tool · ★ 529
Last updated: · Indexed by AgentSkillsHub · Auto-synced every 8h
LLM SAST Skills A collection of agent skills that turn your LLM coding assistant into a fully functional SAST scanner to find vulnerabilities in your codebase. Works natively with Claude Code, Codex, Opencode, Cursor and any other assistant that supports agent skills. No third-party tools required. Claude Code with Opus model is recommended. But if the cost is a concern, use any IDE and model you trust. How It Works (for Claude Code) or (for Opencode and other IDEs) orchestrates the entire assessment workflow automatically. The assessment runs in three steps: Codebase Analysis -- The skill maps the technology stack, architecture, entry points, data flows, and trust boundaries. It writes its findings to . Vulnerability Detection (parallel) -- All 13 vulnerability detection skills run in parallel as subagents. Each skill follows a two-phase approach: first a recon/discovery phase to find candidate sections, then a verification phase to confirm exploitability. Results are written to . Report Generation -- The skill consolidates all findings into a single , ranked by severity with full remediation guidance and dynamic test instructions. What It Detects SQ
| Stars | 529 |
| Forks | 18 |
| Category | Agent Tool |
| License | MIT |
| Quality Score | 67.8233791266676/100 |
| Last Updated | 2026-04-08 |
| Created | 2026-03-30 |
| Platforms | claude-code |
| Est. Tokens | ~405k |
These tools work well together with sast-skills for enhanced workflows:
Looking for a sast-skills alternative? If you're comparing sast-skills with other agent tool tools, these 6 projects are the closest alternatives on Agent Skills Hub — ranked by topic overlap, star count, and community traction.
Discover and compare open-source Agent Skills, tools & MCP servers — with quality scoring, trending analysis,
Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (
Open-source MCP server for LinkedIn. Give Claude and any MCP-compatible AI agent access to profiles, companies
The most comprehensive toolkit for Claude Code -- 135 agents, 35 curated skills (+400,000 via SkillKit), 42 co
Supports GPT Image 2, Seedance & ComfyUI, with a 1,400+ prompt library, carefully crafted hooks and a multi-ta
A Model Context Protocol (MCP) server that enables secure interaction with MySQL databases
Explore other popular agent tool tools:
sast-skills is Collection of agent skills that turn your AI coder into a SAST scanner. It is categorized as a Agent Tool with 529 GitHub stars.
You can find installation instructions and usage details in the sast-skills GitHub repository at github.com/utkusen/sast-skills. The project has 529 stars and 18 forks, indicating an active community.
sast-skills is released under the MIT license, making it free to use and modify according to the license terms.
The top alternatives to sast-skills on Agent Skills Hub include agent-skills-hub, agent-security-scanner-mcp, linkedin-mcp-server. Each offers a different approach to the same problem space — compare them side-by-side by stars, quality score, and community activity.