Skills
.Work. You
Rest

sbom-supply-chain-security

Community

Strengthen software supply chains with SBOMs.

Software Engineering#security#provenance#supply-chain#ci-cd#sbom#signature-verification
Authorivanuser
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Software supply chains are at risk from insecure dependencies, opaque provenance, and unverifiable artifact integrity. Generating SBOMs and verifying signatures helps you detect vulnerabilities and enforce trust across releases.

Core Features & Use Cases

  • Generate SBOMs (CycloneDX or SPDX) for release artifacts and container images.
  • Verify signatures and provenance to ensure components come from trusted sources.
  • Enforce policy gates in CI to prevent deployment of vulnerable or unverified components.

Quick Start

Run the SBOM workflow to generate a CycloneDX SBOM for your release and verify artifact provenance in CI.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: sbom-supply-chain-security
Download link: https://github.com/ivanuser/cortex-server-skills/archive/main.zip#sbom-supply-chain-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.