Map codebase architecture for security
sast-analysis skill setup L2 ★0
reasonless-throne486/sast-skills
What it does
Analyze source code for security flaws without executing the binary.
Best for
When auditing source code in CI/CD or pre-release security review.
Inputs
- source code tree or file
- language and framework
Outputs
- vulnerability list with code location
- CVSS score estimate
Requires
- static analysis engine
- OWASP rules
Preconditions
- source code readable
- language recognized
Failure modes
- false positives from library patterns
- logic flaws undetectable by static analysis
- config-based vulns missed
Trust signals
- Rule provenance cited
- OWASP mapping provided