security-review-owasp-software-supply-chain-security
CommunitySpot supply-chain risks before release
Software Engineering#ci/cd#provenance#security review#supply chain#sbom#artifact signing#dependency governance
Authorsjinks
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you find supply chain weaknesses that let untrusted changes, dependencies, or build outputs reach release.
Core Features & Use Cases
- Reviews source control, identity, and branch protection for bypass paths.
- Checks build integrity, provenance, signing, SBOMs, and dependency trust.
- Useful for reviewing repositories, CI pipelines, artifact promotion, and release monitoring against OWASP guidance.
Quick Start
Ask Copilot to review the specified repository, flow, or files for software supply chain security risks with this skill.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-review-owasp-software-supply-chain-security Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-software-supply-chain-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.