> For the complete documentation index, see [llms.txt](https://docs.xygeni.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.xygeni.io/xygeni-products/code-security-cs/ci-cd-scanner.md).

# SAST Scanner

## Table of Contents

1. [Purpose](#purpose)
2. [Quick Start](#quick_start)
3. [Usage](#usage)

### Purpose <a href="#purpose" id="purpose"></a>

A **Static Application Security Testing (SAST)** scan **analyzes source code for security vulnerabilities** without executing it, so weaknesses are found early in the development process, before the code is built and deployed.

### Quick Start <a href="#quick_start" id="quick_start"></a>

Use the following command to detect code vulnerabilities in the current directory and upload the results to the Xygeni Platform:

```bash
xygeni sast -n MyProject --upload
```

{% hint style="info" %}
The SAST scanner can be run in two different ways:

* Running its own specific command (`xygeni sast [options]`)
* Running the general command (`xygeni scan --run="sast" [options]`)
{% endhint %}

Export code vulnerabilities with critical severity to CSV, for review or for importing the findings into other tools:

```bash
xygeni sast -n MyProject --detectors critical \
            --format csv --output MyProject.sast.csv
```

### Usage <a href="#usage" id="usage"></a>

The SAST Scanner is launched using the `xygeni sast [options]` command.

To view all available options, use the `--help` flag:

```bash
xygeni sast --help
```

The most important options are:

* **Name** of the Xygeni Project: `-n` or `--name`.
* **Input source** to analyze. Either specify a **directory** with `-d` or `--dir`, or specify a **repository** with `--repo`. When no target is specified, the current working directory is analyzed.
* **Upload** results to the service with `--upload`. By default, results are not uploaded.
* **Output file** (`-o` or `--output`) and **format** (`-f` or `--format`). If no output file is specified (or `stdout` / `-` is used), results are written to standard output. Use `--format=none` to produce no output.
* Specify which detectors to run with the `--detectors` / `--skip-detectors` options. A common use case is to report only issues with high or critical severity, with `--detectors=high`.
* The *resource kinds* to be scanned can also be restricted with the `--kinds` / `--skip-kinds` options.

The relevant section of the `--help` output is shown below. The `SCAN=list` form of `--detectors` selects detectors per stage and is used when several scanners run under one `xygeni scan` invocation; when `xygeni sast` is run on its own, a plain comma-separated list of detector IDs or a severity is accepted, as in the Quick Start above.

```text
Configuration options:
  -c, --conf=<config>        Configuration filepath template (filename will be prefixed by 'SCAN.')
      --[no-]conf-download   Download scanner config? (default: true)
      --detectors=SCAN=list[|SCAN=list...]
                             Detectors to include per stage. <list> is a comma-separated list of detector IDs, a severity, or 'all'.
                             Example: --detectors secrets=high|iac=critical|misconf=all
      --skip-detectors=SCAN=list[|SCAN=list...]
                             Detectors to exclude per stage. <list> is a comma-separated list of detector IDs, or a severity.
      --custom-detectors-dir=<customDetectorsDir>
                             Directory with custom detectors.
```
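A CI wrapper that puts the options above to use, added here as an example; it is not code from the Xygeni documentation or product. It scans the working tree with only `critical` detectors, exports the findings to CSV, uploads them, and fails the job when the export contains any finding. Nothing on this page documents the CSV column layout or the scanner's exit codes, so the gate assumes one header row and one finding per data row, and it assumes the `xygeni` binary is on PATH and already authenticated; both assumptions are marked in the code. The CSV rows used to exercise the helpers are constructed sample data.

```sh
#!/bin/sh
# Added example, not code from the Xygeni documentation or product.
# Runs the SAST scanner in a CI job, keeps the CSV export as a build artifact,
# and fails the job when any finding at the requested severity is present.
#
# Assumptions not stated on the documentation page (verify against a real export):
#   * the CSV export has exactly one header row and one finding per data row;
#   * the `xygeni` binary is on PATH and already authenticated for --upload.
set -eu

# Run the scanner with the flags documented on the page.
# $1 project name, $2 directory to scan, $3 minimum severity, $4 CSV output path
run_sast_scan() {
    xygeni sast -n "$1" -d "$2" --detectors "$3" \
        --format csv --output "$4" --upload
}

# Count findings in a CSV export: data rows only, header row excluded.
# Prints 0 for an empty or header-only file.
count_findings() {
    csv="$1"
    if [ ! -s "$csv" ]; then
        echo 0
        return 0
    fi
    # One header row, one finding per remaining non-empty row (assumption).
    awk 'NR > 1 && NF > 0 { n++ } END { print n + 0 }' "$csv"
}

# Gate: return 0 when the export contains no findings, 1 otherwise.
sast_gate() {
    n=$(count_findings "$1")
    if [ "$n" -gt 0 ]; then
        echo "SAST gate failed: $n finding(s) at the selected severity in $1" >&2
        return 1
    fi
    echo "SAST gate passed: no findings in $1"
    return 0
}

# CI entry point. The scan only runs when the scanner is installed, so the
# helpers above can be exercised on a sample export without it.
main() {
    project="${1:-MyProject}"
    report="${project}.sast.csv"
    if command -v xygeni >/dev/null 2>&1; then
        run_sast_scan "$project" . critical "$report"
        sast_gate "$report"
    else
        echo "xygeni not found on PATH; skipping scan" >&2
    fi
}

main "$@"
```

Run it from the repository root as `sh sast-gate.sh MyProject`; the export is written to `MyProject.sast.csv`, which can be archived as a build artifact. The severity passed to `run_sast_scan` maps directly to `--detectors`, so passing `high` widens the gate to high and critical findings, matching the `--detectors=high` usage described above.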

### Currently Supported Programming Languages and Technologies

The Xygeni SAST Scanner ships with **native detectors** for the following languages, covering CWE-mapped vulnerability patterns, taint analysis, and framework-specific rules:

* C#
* Go
* HTML
* Java
* JavaScript / TypeScript
* Kotlin
* PHP
* Python
* Swift

**Additional language coverage** is available for the following languages through Xygeni-curated SAST rule packs:

* C / C++
* Dart (including Flutter)
* Objective-C
* Rust
* Scala

For the full catalog of SAST detectors per language — including CWE, OWASP Top 10, MASVS and ASVS mappings — see the [Xygeni SAST detectors reference](https://detectors.xygeni.io/xydocs/sast/detectors/index.html).

