II.
LibraryProcess JSON
Structured · livelib-process:security-compliance--sast-pipeline
specializations/security-compliance/sast-pipeline json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "lib-process:security-compliance--sast-pipeline",
"_kind": "LibraryProcess",
"_file": "generated-library/processes.yaml",
"_cluster": "generated-library",
"attributes": {
"displayName": "specializations/security-compliance/sast-pipeline",
"description": "SAST Pipeline Integration - Automated static application security testing integration for CI/CD pipelines.\nCovers tool selection (SonarQube, Semgrep, Bandit, ESLint, etc.), CI/CD integration, security quality gates,\nvulnerability triage, false positive reduction, and continuous security monitoring.",
"libraryPath": "library/specializations/security-compliance/sast-pipeline.js",
"specialization": "security-compliance",
"references": [
"- OWASP SAST: https://owasp.org/www-community/Source_Code_Analysis_Tools",
"- SonarQube: https://www.sonarqube.org/",
"- Semgrep: https://semgrep.dev/",
"- Bandit: https://bandit.readthedocs.io/",
"- ESLint Security: https://github.com/nodesecurity/eslint-plugin-security",
"- NIST SAST Guide: https://csrc.nist.gov/publications/detail/sp/500-268/final"
],
"example": "const result = await orchestrate('specializations/security-compliance/sast-pipeline', {\n projectName: 'E-Commerce API',\n repositoryUrl: 'https://github.com/org/ecommerce-api',\n techStack: {\n language: 'JavaScript',\n framework: 'Node.js/Express',\n additionalLanguages: ['TypeScript', 'Python']\n },\n cicdPlatform: 'GitHub Actions',\n sastTools: ['SonarQube', 'Semgrep', 'ESLint Security'],\n qualityGates: {\n blockOnCritical: true,\n blockOnHigh: true,\n maxCritical: 0,\n maxHigh: 5,\n maxMedium: 20\n },\n severityThreshold: 'high',\n falsePositiveManagement: true,\n incrementalScanning: true,\n autoRemediation: false\n});",
"usesAgents": [
"sast-configuration-engineer",
"cicd-security-engineer",
"security-quality-engineer",
"vulnerability-triage-agent",
"sast-tuning-specialist",
"security-reporting-specialist",
"remediation-guidance-agent",
"security-technical-writer",
"security-qa-engineer",
"security-lead"
],
"usesSkills": [
"sast-analyzer"
]
},
"outgoingEdges": [
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "domain:security",
"kind": "lib_applies_to_domain",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "workflow:release-management",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "workflow:vulnerability-management",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 0.7
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "specialization:security-compliance",
"kind": "lib_belongs_to_specialization",
"attributes": {
"weight": 0.9
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "lib-agent:security-compliance--vulnerability-triage-agent",
"kind": "uses_agent",
"attributes": {
"weight": 0.8
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "lib-agent:security-compliance--remediation-guidance-agent",
"kind": "uses_agent",
"attributes": {
"weight": 0.8
}
},
{
"from": "lib-process:security-compliance--sast-pipeline",
"to": "lib-skill:security-compliance--sast-analyzer",
"kind": "uses_skill",
"attributes": {
"weight": 0.8
}
}
],
"incomingEdges": []
}