How are custom CodeQL queries added to Code Scanning?

Multiple Choice

How are custom CodeQL queries added to Code Scanning?

Explanation:
Custom CodeQL queries are added by supplying the actual .ql query files to the analysis. Put these .ql files in a path that the CodeQL workflow references (for example, a codeql or queries folder in your repository) or package them into a shared query pack and reference that pack. Then commit and push so the Code Scanning workflow can run the analysis and execute your custom queries along with the built‑in ones. This approach keeps the engine intact and leverages the standard CodeQL workflow to run your own queries.

Short note on alternatives: you don’t modify the CodeQL engine itself, so no changes are made in the engine core. The UI alone isn’t how you add new queries, since CodeQL analyzes the actual .ql files. A separate repository is only useful when you’re sharing a pack across multiple projects; it’s not required for a single repo.
