Rules

Semgrep’s open-source registry of rules let you get started scanning code without the need to write anything custom.

The registry includes rules to catch issues of security, performance, correctness, and other bugs. Contribute to the registry by writing your own rules and adding them to the Semgrep rules repo.