llm-sast-scanner

Malicious

Audited by VirusTotal on May 10, 2026.

Findings (1)

The 'llm-sast-scanner' bundle is a comprehensive SAST (Static Application Security Testing) tool designed to guide an AI agent through security audits. It contains extensive reference documentation for 34 vulnerability classes (e.g., SQLi, RCE, XXE) across multiple languages. The SKILL.md defines a sophisticated 'Judge' workflow that prioritizes accuracy by requiring reachability and exploitability checks, and it includes explicit guardrails to ignore non-malicious contexts like demo code or operator-controlled configurations. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found; the bundle is strictly aligned with its stated purpose of professional security analysis.