supply-chain-trust

Community

Secure and audit dependencies to ensure anonymity and integrity

Authorskylarsabo
Version1.0.0
Installs0

System Documentation

What problem does it solve?

The Skill addresses the issue of vetting dependencies for potential risks, such as egress, CVEs, and build/lockfile integrity, to maintain anonymity and operational security.

Core Features & Use Cases

  • Dependency Inventory: Catalogs direct and transitive dependencies, their network behavior, known CVEs, and integrity.
  • Anonymity Risk Assessment: Evaluates egress/telemetry risks and provides alternatives or disable options.
  • Vulnerability and Integrity Checks: Identifies known CVEs, abandoned packages, and integrity issues.
  • Provenance and Content Scanning: Audits agent-ingested content for potential injection directives and secrets.

Quick Start

Run the 'supply-chain-trust' skill to assess your dependencies for risks.

Dependency Matrix

Required Modules

None required

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: supply-chain-trust
Download link: https://github.com/skylarsabo/code-ops/archive/main.zip#supply-chain-trust

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.