security-review-owasp-dependency-graph-sbom

Community

Find SBOM and dependency trust risks fast.

Authorsjinks
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps security reviewers assess dependency graph and SBOM-related risks without manually reconstructing OWASP guidance during every review. It focuses on the trust boundaries, privilege paths, and operational assumptions that can turn dependencies or deployment choices into attack paths.

Core Features & Use Cases

  • Dependency Trust Review: Evaluates third-party packages, plugins, images, and modules for pinning, provenance, and update discipline.
  • Runtime and Isolation Analysis: Checks service accounts, containers, tenants, namespaces, and management surfaces for excessive privilege or weak separation.
  • Operational Assurance Checks: Looks for scanning, policy enforcement, CI/CD safeguards, and rollback readiness that reduce supply-chain and deployment risk.
  • Use Case: Review a platform service to confirm its dependency chain, runtime permissions, and deployment controls do not expose privileged control-plane access or cross-tenant compromise paths.

Quick Start

Use the security-review-owasp-dependency-graph-sbom skill to review the target service or repository for dependency trust, privilege boundaries, and deployment exposure.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-review-owasp-dependency-graph-sbom
Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-dependency-graph-sbom

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.