Skills
.Work. You
Rest

devsecops-supply-chain-audit

Official

Audit software supply chains across ecosystems.

Software Engineering#audit#provenance#devsecops#supply-chain#SBOM#branch-protection#ecosystems
Authoranthril
Version1.0.0
Installs0

System Documentation

What problem does it solve?

The DevSecOps Supply Chain Audit helps teams identify and mitigate risks across all software ecosystems by auditing dependencies, provenance, and governance signals in a repository.

Core Features & Use Cases

  • Detects ecosystems in a repository and spawns one sub-agent per ecosystem to run targeted checks (dependencies, secrets, SBOM, signing) across npm, pip, Go, Ruby, Cargo, Maven, Docker and Terraform.
  • Assesses repository-wide governance signals (branch protection, CODEOWNERS, Dependabot/Renovate configuration) and provides actionable remediation paths.
  • Generates a comprehensive report including a trust score, SLSA self-assessment, and targeted fixes to harden the supply chain.

Quick Start

Provide the repository path to scan and initiate the audit to generate a complete supply-chain report.

Dependency Matrix

Required Modules

None required

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: devsecops-supply-chain-audit
Download link: https://github.com/anthril/official-claude-plugins/archive/main.zip#devsecops-supply-chain-audit

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.