CodeQL Analysis

90/100
Skill
by Trail of Bits@trailofbits
CC-BY-SA-4.0

Scans a codebase for security vulnerabilities using CodeQL's interprocedural data flow and taint tracking analysis. Triggers on "run codeql", "codeql scan", "codeql analysis", "build codeql database", or "find vulnerabilities with...

Reviewed on v2026-05-16 - latest is v0.3.1. Scores may not reflect the current version.

Review Scores

Security34/35Maintain.31/35Usability25/30
Security34/35
Maintain.31/35
Usability25/30
Evidence:
high
Reviewed May 27, 2026
Drifted

Reviewed Version

2026-05-16

Latest Version

0.3.1(drift)

Freshness

Reviewed on 2026-05-16; latest is 0.3.1.

Scores reflect the version reviewed and may change with updates.

Security Audit - No Flags Reported

Audited May 27, 2026
Source is the public Trail of Bits skills repository. Curated entry preserves original SKILL.md content and avoids automatic tool execution during install.

Overview

When to Use

When NOT to Use

Setup

npx cldkit install codeql

Troubleshooting

More by Trail of Bits