dcyfr-security
Community
Suppress CodeQL false positives and secure code.
Software Engineering #security #code-review #codeql #secure-development #false-positives #suppressions #vulnerability-troubleshooting
Author: dcyfr
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
CodeQL false positives and vulnerability issues can slow down development and obscure real security problems. This Skill guides developers through suppression techniques, vulnerability troubleshooting, and verification patterns to streamline secure coding practices.
Core Features & Use Cases
- CodeQL suppressions with LGTM-style syntax to reduce noise while maintaining justification.
- Security vulnerability troubleshooting for issues like SSRF (CWE-918).
- False positive patterns and verification to prevent regressive alerts.
- Security testing patterns and documented workflows for secure code reviews.
Quick Start
Identify a CodeQL alert, apply an LGTM suppression with a justified reason, and verify that the alert is correctly suppressed.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: dcyfr-security
Download link: https://github.com/dcyfr/dcyfr-labs/archive/main.zip#dcyfr-security
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.