Agent-Skills.md

Agent Skills: Semgrep Rule Creator (MX)

Writing custom Semgrep rules to enforce MultiversX best practices.

UncategorizedID: multiversx/mx-ai-skills/mvx_semgrep_creator

Repository

multiversx/mx-ai-skills
multiversxLicense: MIT
104

Install this agent skill to your local

pnpm dlx add-skill https://github.com/multiversx/mx-ai-skills/tree/HEAD/antigravity/skills/mvx_semgrep_creator

Skill Files

Browse the full folder contents for mvx_semgrep_creator.

Download Skill

Loading file tree…

antigravity/skills/mvx_semgrep_creator/SKILL.md

Skill Metadata

Name
mvx_semgrep_creator
Description
Writing custom Semgrep rules to enforce MultiversX best practices.

Semgrep Rule Creator (MX)

This skill guides you in writing Semgrep rules to catch MultiversX-specific patterns automatically.

1. Common Patterns

  • Unsafe Math: x + y where x is u64.
  • Floating Point: f64.
  • Endpoint without Payment Check: #[payable] function without call_value().

2. Template

rules:
  - id: mvx-unsafe-addition
    languages: [rust]
    message: "Potential arithmetic overflow. Use checked_add or BigUint."
    severity: ERROR
    patterns:
      - pattern: $X + $Y
      - pattern-not: $X.checked_add($Y)
      - pattern-inside: |
          #[multiversx_sc::contract]
          trait Contract {
            ...
          }

3. Workflow

  1. Identify Pattern: See mvx_variant_analysis.
  2. Write Rule: Use the template.
  3. Test: Run on the codebase using semgrep --config rules.yaml .
  4. Refine: Reduce false positives.