Code SAST Scan
code_scanRun static analysis on source code to detect security flaws like SQL injection, XSS, and command injection. Returns findings with CWE classifications and severity levels.
Instructions
Run SAST (Static Application Security Testing) on source code via Semgrep.
Scans for security flaws: SQL injection, XSS, command injection,
hardcoded credentials, insecure deserialization, path traversal, etc.
Returns findings with CWE classifications and severity levels.
Requires ``semgrep`` on PATH (``pip install semgrep``).
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | Yes | Path to source code directory to scan. | |
| config | No | Semgrep config. 'auto' = Semgrep Registry rules. Can be a path or registry string. | auto |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |