scan_code
Detect code vulnerabilities and unsafe patterns through static analysis with semgrep and bandit.
Instructions
Static analysis (SAST) for code vulnerabilities and unsafe patterns. Uses semgrep and bandit when installed; skips missing engines.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | Yes | Absolute or relative path to the project directory to scan. | |
| severity_threshold | No | Minimum severity to include in results (default: info — all severities). | info |