security-platform-supply-chain

Community

Secure and manage your software supply chain with comprehensive reviews and controls.

AuthorSensLiao
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill addresses the complexities of software supply chain security, providing deep analysis, artifact signing, and cloud posture management.

Core Features & Use Cases

  • SBOM Generation: Create detailed Software Bill of Materials for all components.
  • Deep SCA: Perform in-depth Software Composition Analysis for transitive vulnerabilities and integrity checks.
  • Provenance & Signing: Ensure artifact provenance and signing with SLSA, in-toto, and cosign tools.
  • Container Image Supply Chain: Verify container images for supply chain integrity and signature.
  • Malicious-Package Defense: Protect against dependency confusion, typosquatting, and malicious packages.
  • Build-Pipeline Integrity: Ensure the integrity of the build pipeline and CI workflows.
  • Cloud Posture (CSPM): Manage cloud configurations and posture with Prowler.

Quick Start

Use the security-platform-supply-chain skill to scan your software dependencies and generate a SBOM.

Dependency Matrix

Required Modules

syftcdxgencosignin-totoprowlerosv-scannertrivygrypejoern

Components

scriptsreferencesassets

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-platform-supply-chain
Download link: https://github.com/SensLiao/Claude-code-setting/archive/main.zip#security-platform-supply-chain

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.