CodeQL security audit pipeline: static scanning, SARIF triage, and QL query optimization. Trigger on: CodeQL, .ql, .sarif, taint tracking, source→sink, LGTM, GitHub Code Scanning, "scan this repo", "analyze this vulnerability", "optimize this query".

Install

openclaw skills install @k2-l/codeql-skill