security-review-owasp-npm-security

Community

Harden npm trust and deployment paths

Authorsjinks
Version1.0.0
Installs0

System Documentation

What problem does it solve?

It helps reviewers identify npm-related security weaknesses that can expand attacker reach through unsafe defaults, weak isolation, exposed management surfaces, and compromised dependencies.

Core Features & Use Cases

  • Runtime and Privilege Review: Examines service accounts, process privileges, admin access, and other trust boundaries that can amplify impact.
  • Dependency and Deployment Analysis: Checks package trust, pinning, provenance, configuration hardening, and CI/CD release paths for supply-chain risk.
  • Use Case: Use it when reviewing an application, platform, or deployment pipeline to confirm that npm-related controls are enforced consistently across local, staging, and production environments.

Quick Start

Ask Copilot to review the npm security posture of this repository and focus on the relevant package, runtime, deployment, and dependency trust boundaries.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-review-owasp-npm-security
Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-npm-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.