Skip to content

feat(secdevai-tool): refined SKILL.md#17

Draft
mpapadopoullos wants to merge 3 commits into
RedHatProductSecurity:mainfrom
mpapadopoullos:feat/secdevai-tool-refined
Draft

feat(secdevai-tool): refined SKILL.md#17
mpapadopoullos wants to merge 3 commits into
RedHatProductSecurity:mainfrom
mpapadopoullos:feat/secdevai-tool-refined

Conversation

@mpapadopoullos
Copy link
Copy Markdown
Contributor

@mpapadopoullos mpapadopoullos commented May 11, 2026

  • Introduce tool_resolution mapping to select security tools per programming language (Python, Go, Java, JavaScript, Rust)
  • Add structured input_schema defining allowed tool selection (bandit, gosec, scorecard, semgrep, all)
  • Standardize script path usage via ${BASE_DIR} for container execution helper script
  • Refactor tool execution documentation with clearer per-tool sections (Bandit, GoSec, Scorecard, Semgrep)
  • Improve Semgrep container workflow
  • Add language_detection rules based on common project files for automatic tool configuration
  • Provide explicit example of Semgrep command construction with multiple --config flags

@mpapadopoullos
feat(secdevai-tool): refined SKILL.md
7c89479 
- Introduce `tool_resolution` mapping to select security tools per programming language (Python, Go, Java, JavaScript, Rust)
- Add structured `input_schema` defining allowed tool selection (`bandit`, `gosec`, `scorecard`, `semgrep`, `all`)
- Standardize script path usage via `${BASE_DIR}` for container execution helper script
- Refactor tool execution documentation with clearer per-tool sections (Bandit, GoSec, Scorecard, Semgrep)
- Improve Semgrep container workflow
- Add `language_detection` rules based on common project files for automatic tool configuration
- Provide explicit example of Semgrep command construction with multiple `--config` flags
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 11, 2026
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: 1e411a2d-1bcd-4a44-a87f-5362d0acff6d

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mpapadopoullos