Skip to main content
SkillJury
Back to the directory
trailofbits/skillsSoftware EngineeringFrontend and Design

codeql

Interprocedural security vulnerability scanning with data flow analysis and customizable query suites.

SkillJury keeps community verdicts, source metadata, and external repository signals in separate lanes so ranking data never pretends to be a review.

SkillJury verdict
Pending

No approved reviews yet

Would recommend
Pending

Waiting on enough review volume

Install signal
2

Weekly or total install activity from catalog data

Sign in to review
0 review requests
Install command
npx skills add https://github.com/trailofbits/skills --skill codeql
SkillJury does not have enough approved reviews to publish a community verdict yet. Source metadata and repository proof are still available above.
SkillJury Signal Summary

As of May 1, 2026, codeql has 2 weekly installs, 0 community reviews on SkillJury. Community votes currently stand at 0 upvotes and 0 downvotes. Source: trailofbits/skills. Canonical URL: https://skills.sh/trailofbits/skills/codeql.

Security audits
Gen Agent Trust HubPASS
SocketPASS
SnykWARN
About this skill
Interprocedural security vulnerability scanning with data flow analysis and customizable query suites. Supported languages: Python, JavaScript/TypeScript, Go, Java/Kotlin, C/C++, C#, Ruby, Swift. Skill resources: Reference files and templates are located at {baseDir}/references/ and {baseDir}/workflows/ . Database quality is non-negotiable. A database that builds is not automatically good. Always run quality assessment (file counts, baseline LoC, extractor errors) and compare against expected source files. A cached build produces zero useful extraction. Data extensions catch what CodeQL misses.

Source description provided by the upstream listing. Community review signal and install context stay separate from this narrative layer.

Community reviews

Latest reviews

No community reviews yet. Be the first to review.

Browse this skill in context
FAQ
What does codeql do?

Interprocedural security vulnerability scanning with data flow analysis and customizable query suites.

Is codeql good?

codeql does not have approved reviews yet, so SkillJury cannot publish a community verdict.

Which AI agents support codeql?

codeql currently lists compatibility with Skills CLI.

Is codeql safe to install?

codeql has been scanned by security audit providers tracked on SkillJury. Check the security audits section on this page for detailed results from Socket.dev and Snyk.

What are alternatives to codeql?

Skills in the same category include review-management, conversation-memory, coverage, grimoire-aave.

How do I install codeql?

Run the following command to install codeql: npx skills add https://github.com/trailofbits/skills --skill codeql

review-managementconversation-memorycoveragegrimoire-aave
Related skills

More from trailofbits/skills

trailofbits/skills/Software Engineering

dimensional-analysis

This skill orchestrates a dimensional-analysis pipeline for codebases that perform numeric computations with mixed units, precisions, or scaling factors. The main skill context is a workflow controller only: it delegates scanning, vocabulary discovery, annotation, propagation, and validation to specialized subagents,...

Weekly installs
809
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource trailofbits/skills
trailofbits/skills/Software Engineering

ask-questions-if-underspecified

Ask clarifying questions before implementing when requirements are ambiguous or incomplete.

Weekly installs
3
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource trailofbits/skills
trailofbits/skills/Software Engineering

modern-python

Modern Python project setup with uv, ruff, and ty for Python 3.11+.

Weekly installs
3
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource trailofbits/skills
trailofbits/skills/Software Engineering

semgrep

Parallel static analysis scanner with automatic language detection, Pro cross-file taint tracking, and merged SARIF output.

Weekly installs
3
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource trailofbits/skills
Related skills

Alternatives in Software Engineering

eronred/aso-skills/Software Engineering

review-management

Source details, install context, and public review data are available on the full page.

Weekly installs
999
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource eronred/aso-skills
sickn33/antigravity-awesome-skills/Software Engineering

conversation-memory

Persistent memory systems for LLM conversations with tiered storage and intelligent retrieval.

Weekly installs
998
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource sickn33/antigravity-awesome-skills
alirezarezvani/claude-skills/Software Engineering

coverage

Map all testable surfaces in the application and identify what's tested vs. what's missing.

Weekly installs
998
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource alirezarezvani/claude-skills
franalgaba/grimoire/Software Engineering

grimoire-aave

Query Aave V3 market data, reserve snapshots, and health metrics across supported chains.

Weekly installs
998
Community vote
0
0 up / 0 down
Freshness
Synced May 1, 2026
Software EngineeringFrontend and DesignNo reviews yetSource franalgaba/grimoire