·irify-sast
!

irify-sast

yaklang/irify-sast-skillGitHub: yaklang/irify-sast-skillSource: yaklang/irify-sast-skill

IRify SAST — AI-powered static application security testing. Compile source code into SSA IR, then use SyntaxFlow DSL to trace data flow across function boundaries, detect vulnerabilities (SQLi, RCE, XXE), and answer questions like "where does user input go?". Supports 7 languages (Java, PHP, JS, Go, Python, C, Yak) and incremental compilation via ProgramOverLay. Requires yaklang MCP server: yak mcp -t ssa

yaklang·irify·sast
14Installs·0Trend·@yaklang

Installation

GitHub: yaklang/irify-sast-skill
$npx skills add https://github.com/yaklang/irify-sast-skill --skill irify-sast

How to Install irify-sast

Quickly install irify-sast AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/yaklang/irify-sast-skill --skill irify-sast
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: yaklang/irify-sast-skill.

SKILL.md

View raw

Deep static analysis skill powered by IRify's SSA compiler and SyntaxFlow query engine.

This skill requires the yaklang MCP server. Configure it in your agent's MCP settings:

CRITICAL: Always follow the Engine-First funnel model. The SSA engine sees cross-procedure data flow across all files simultaneously — grep cannot. Do NOT use grep/rg to build a "candidate file pool" before querying. Instead, let the engine be your radar first.

IRify SAST — AI-powered static application security testing. Compile source code into SSA IR, then use SyntaxFlow DSL to trace data flow across function boundaries, detect vulnerabilities (SQLi, RCE, XXE), and answer questions like "where does user input go?". Supports 7 languages (Java, PHP, JS, Go, Python, C, Yak) and incremental compilation via ProgramOverLay. Requires yaklang MCP server: yak mcp -t ssa Source: yaklang/irify-sast-skill.

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/yaklang/irify-sast-skill --skill irify-sast
Source
yaklang/irify-sast-skill
Category
!Security
Verified
First Seen
2026-03-01
Updated
2026-03-11
URL
https://www.learn-skills.dev/en/skills/yaklang/irify-sast-skill/irify-sast

Browse more skills from yaklang/irify-sast-skill

Quick answers

What is irify-sast?

IRify SAST — AI-powered static application security testing. Compile source code into SSA IR, then use SyntaxFlow DSL to trace data flow across function boundaries, detect vulnerabilities (SQLi, RCE, XXE), and answer questions like "where does user input go?". Supports 7 languages (Java, PHP, JS, Go, Python, C, Yak) and incremental compilation via ProgramOverLay. Requires yaklang MCP server: yak mcp -t ssa Source: yaklang/irify-sast-skill.

How do I install irify-sast?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/yaklang/irify-sast-skill --skill irify-sast Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/yaklang/irify-sast-skill

Details

Category
!Security
Source
skills.sh
First Seen
2026-03-01

Related Skills

None