supply chain AI Agent Skills

Browse 106 skills related to supply chain

vulnerability-scanner

21.8k
davila7davila7

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

132 days ago

codebase-cleanup-deps-audit

18.0k
sickn33sickn33

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

132 days ago

dependency-management-deps-audit

18.0k
sickn33sickn33

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

132 days ago

wed

1.8k
openclawopenclaw

Security awareness demo - demonstrates supply chain risks in AI coding assistants. See the full research: https://x.com/theonejvo/status/2015892980851474595

132 days ago

supply-chain-visibility-platform

376
a5c-aia5c-ai

End-to-end supply chain visibility skill providing real-time tracking and control tower capabilities

132 days ago

scor-kpi-dashboard-builder

376
a5c-aia5c-ai

SCOR-aligned supply chain KPI dashboard design and implementation skill

132 days ago

disruption-response-coordinator

376
a5c-aia5c-ai

Supply chain disruption rapid response skill with impact assessment and mitigation activation

132 days ago

cost-to-serve-analyzer

376
a5c-aia5c-ai

Supply chain cost-to-serve analysis skill by customer, product, or channel

132 days ago

supply-chain-digital-twin

376
a5c-aia5c-ai

Digital twin representation of supply chain for real-time monitoring and simulation

132 days ago

early-warning-monitor

376
a5c-aia5c-ai

Continuous supplier and supply chain risk monitoring with automated alerts

132 days ago

supply-chain-simulation-engine

376
a5c-aia5c-ai

Supply chain discrete-event simulation for scenario testing and optimization

132 days ago

contingency-plan-builder

376
a5c-aia5c-ai

Business continuity and contingency plan development skill for supply chain resilience

132 days ago

master-data-quality-manager

376
a5c-aia5c-ai

Supply chain master data quality monitoring and improvement skill

132 days ago

supply-chain-risk-assessor

376
a5c-aia5c-ai

Comprehensive supply chain risk identification and assessment skill with heat mapping

132 days ago

supply-chain-visibility-integrator

376
a5c-aia5c-ai

End-to-end supply chain visibility integration skill connecting systems and data sources

132 days ago

skill-scanner

345
getsentrygetsentry

Scan agent skills for security issues. Use when asked to "scan a skill", "audit a skill", "review skill security", "check skill for injection", "validate SKILL.md", or assess whether an agent skill is safe to install. Checks for prompt injection, malicious scripts, excessive permissions, secret exposure, and supply chain risks.

132 days ago

building-ci-pipelines

296
ancolemanancoleman

Constructs secure, efficient CI/CD pipelines with supply chain security (SLSA), monorepo optimization, caching strategies, and parallelization patterns for GitHub Actions, GitLab CI, and Argo Workflows. Use when setting up automated testing, building, or deployment workflows.

132 days ago

attack-flow

126
wiz-sec-publicwiz-sec-public

Generate SITF-compliant attack flow JSON files from attack descriptions or incident reports. Use when analyzing supply chain attacks, breaches, or security incidents.

132 days ago

sbom-syft

64
AgentSecOpsAgentSecOps

Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.

sbomsyftsupply-chain+5
132 days ago

sca-blackduck

64
AgentSecOpsAgentSecOps

Software Composition Analysis (SCA) using Synopsys Black Duck for identifying open source vulnerabilities, license compliance risks, and supply chain security threats with CVE, CWE, and OWASP framework mapping. Use when: (1) Scanning dependencies for known vulnerabilities and security risks, (2) Analyzing open source license compliance and legal risks, (3) Identifying outdated or unmaintained dependencies, (4) Integrating SCA into CI/CD pipelines for continuous dependency monitoring, (5) Providing remediation guidance for vulnerable dependencies with CVE and CWE mappings, (6) Assessing supply chain security risks and third-party component threats.

scablackduckdependency-scanning+5
132 days ago

ai-threat-testing

43
transilienceaitransilienceai

Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.

132 days ago

dependency-manager

39
404kidwiz404kidwiz

Expert at package management and supply chain security. Use when managing dependencies, updating packages, resolving version conflicts, ensuring supply chain security, or auditing vulnerabilities in project dependencies.

132 days ago

dependency-manager

36
zenobi-uszenobi-us

Expert dependency manager specializing in package management, security auditing, and version conflict resolution across multiple ecosystems. Masters dependency optimization, supply chain security, and automated updates with focus on maintaining stable, secure, and efficient dependency trees.

132 days ago

software-security-appsec

34
vasilyu1983vasilyu1983

Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.

132 days ago

ai-mlops

34
vasilyu1983vasilyu1983

Production MLOps and ML/LLM/agent security skill for deploying and operating ML systems in production (registry + CI/CD, serving, monitoring/drift, evaluation loops, incident response/runbooks, and governance), including GenAI security (prompt injection, jailbreaks, RAG security, privacy, and supply chain).

132 days ago

sbom-management

31
melodic-softwaremelodic-software

Software Bill of Materials management including generation, formats, vulnerability tracking, and supply chain security

132 days ago

supply-chain-security

31
melodic-softwaremelodic-software

Software supply chain security guidance covering SBOM generation, SLSA framework, dependency scanning, SCA tools, and protection against supply chain attacks like dependency confusion and typosquatting.

132 days ago

sca-security

29
hardw00thardw00t

Software Composition Analysis skill for identifying vulnerable dependencies, license compliance, and supply chain security. This skill should be used when scanning dependencies for CVEs, analyzing SBOM (Software Bill of Materials), checking license compliance, auditing npm/pip/maven/cargo packages, or assessing supply chain risks. Triggers on requests to scan dependencies, check for vulnerable packages, generate SBOM, analyze license compliance, or audit software supply chain.

132 days ago

vulnerability-scanner

28
hainamchunghainamchung

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

132 days ago

devsecops-expert

25
martinholovskymartinholovsky

Expert DevSecOps engineer specializing in secure CI/CD pipelines, shift-left security, security automation, and compliance-as-code. Use for implementing security gates, container security, infrastructure scanning, secrets management, or building secure software supply chains.

132 days ago

cicd-expert

25
martinholovskymartinholovsky

Elite CI/CD pipeline engineer specializing in GitHub Actions, GitLab CI, Jenkins automation, secure deployment strategies, and supply chain security. Expert in building efficient, secure pipelines with proper testing gates, artifact management, and ArgoCD/GitOps patterns. Use when designing pipelines, implementing security gates, or troubleshooting CI/CD issues.

132 days ago

dependency-audit

23
TibsfoxTibsfox

Provides dependency management and supply chain security practices for auditing vulnerabilities, checking licenses, assessing dependency health, and managing upgrades safely. Use when auditing packages, reviewing security, managing dependencies, or when user mentions 'audit', 'vulnerability', 'dependency', 'supply chain', 'npm audit', 'license', 'bundle size'.

132 days ago

compliance-governance

23
TibsfoxTibsfox

Provides compliance, governance, and supply chain security guidance for cloud-native systems. Covers OPA Rego policies, Kyverno cluster policies, SBOM generation, SLSA provenance, audit trail design, and regulatory framework mapping. Use when user mentions 'compliance', 'governance', 'OPA', 'kyverno', 'SBOM', 'SLSA', 'audit', 'policy-as-code', 'SOC2', 'HIPAA', 'PCI-DSS', 'artifact signing'.

132 days ago

sustainability-esg

16
travisjneumantravisjneuman

Sustainability and ESG expertise for ESG strategy, carbon footprint management, sustainable supply chains, circular economy, renewable energy, climate risk, and ESG reporting (GRI, SASB, TCFD). Use when building sustainability programs, measuring carbon impact, or creating ESG reports.

132 days ago

supply-chain-optimizer

16
travisjneumantravisjneuman

Supply chain analysis, inventory optimization, logistics planning, vendor evaluation, and demand forecasting frameworks. Use when analyzing supply chains, optimizing inventory, or evaluating suppliers.

132 days ago

operations

16
travisjneumantravisjneuman

Operations excellence expertise for supply chain optimization, process improvement (Lean, Six Sigma), capacity planning, vendor management, quality assurance, and operational efficiency. Use when optimizing processes, managing supply chains, or improving operational performance.

132 days ago

security-architect

15
oimiragieooimiragieo

Security architecture and threat modeling. OWASP Top 10 2025 analysis, OWASP Agentic AI Top 10 (ASI01-ASI10), AI/LLM security patterns, supply chain security, modern API authentication (OAuth 2.1, DPoP, Passkeys/WebAuthn), vulnerability assessment, and security review for code and infrastructure.

132 days ago

Security Audit

14
JStaRFilmsJStaRFilms

Perform a meticulous deep code audit covering Security, Logic, Completeness, and Quality. Includes vibe-coding-specific guardrails for supply chain attacks, auth, rate limiting, and RLS.

132 days ago

security-practices

13
williamzujkowskiwilliamzujkowski

Modern security standards including Zero Trust Architecture, supply chain security, DevSecOps integration, and cloud-native protection

132 days ago

managing-dependencies

13
andrewandrew

Evaluates packages, manages dependencies, and addresses supply chain security. Use when adding npm/pip/cargo/bundler/go dependencies, auditing packages, reviewing lockfile changes, checking for vulnerabilities, comparing package alternatives, or assessing package trustworthiness.

132 days ago

enterprise-readiness

12
dirnbauerdirnbauer

Assess and enhance software projects for enterprise-grade security, quality, and automation. Aligned with OpenSSF Scorecard, SLSA, and S2C2F. Use when working with enterprise, openssf, slsa, security, scorecard, supply chain, badge.

132 days ago

artifact-sbom-publisher

12
patricio0312revpatricio0312rev

Produces build artifacts with Software Bill of Materials (SBOM) and supply chain metadata for security and compliance. Use for "artifact publishing", "SBOM generation", "supply chain security", or "build provenance".

132 days ago

ai-security-hardening

10
BagelHoleBagelHole

Harden AI/LLM deployments against prompt injection, data exfiltration, model theft, and supply chain attacks. Covers input validation, output filtering, access control, model API security, and compliance controls for production AI systems.

132 days ago

sbom-supply-chain

10
BagelHoleBagelHole

Generate, sign, and verify SBOMs and provenance attestations to secure the software supply chain. Use when implementing SLSA controls, artifact trust policies, or compliance evidence for releases.

132 days ago

dependency-scanning

10
BagelHoleBagelHole

Scan package dependencies for known vulnerabilities using Snyk, Dependabot, and OWASP Dependency-Check. Identify and remediate vulnerable libraries in your software supply chain. Use when managing third-party dependencies or implementing software composition analysis.

132 days ago

trivy

9
mauromeddamauromedda

Security vulnerability scanner using Trivy for container images, filesystems, and IaC. Blocks CRITICAL and HIGH severity vulnerabilities before commit. Triggers on "trivy", "vulnerability scan", "security scan", "container scan", "image scan", "sbom", "cve", "dependency scan", "supply chain security", "docker scan", "scan image", "scan container", "check vulnerabilities", "security check", "license scan", "secret scan", "misconfig scan", "iac scan", "terraform scan", "kubernetes scan", "helm scan", "dockerfile scan", "package vulnerabilities", "npm audit", "pip audit", "go mod vulnerabilities", "scan dependencies", "security gate", "compliance scan", "aqua trivy". PROACTIVE: MUST invoke before committing code with new dependencies or container images.

132 days ago

blackhat-go

7
plurigridplurigrid

Go-based security techniques from "Black Hat Go" extended with macOS, Cloud, Mobile, IoT, Supply Chain, API, Web3, AI/ML, Red Team, ATT&CK, and LLM chapters. 186 techniques, 36 tools, 33 defenses across 37 chapters. Includes adversarial bisimulation games with Ungar (order-dependent) and join-semilattice structures. AAIF-compatible multiplayer agent games for human-agent security exercises.

132 days ago

dependency-audit

6
Mathews-TomMathews-Tom

Audits project dependencies for license compliance, maintenance health, security vulnerabilities, and bloat. Analyzes both direct and transitive dependency trees, detects abandoned packages, identifies license conflicts (copyleft, unknown), checks for known CVEs, and finds unused or duplicate dependencies. Triggers on: "audit dependencies", "dependency check", "license check", "dependency health", "abandoned packages", "bloat check", "unused dependencies", "security audit dependencies", "dependency review", "license compliance", "package audit", "supply chain", "dependency risk". Use this skill when reviewing project dependencies for risk.

132 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network