supply chain security AI Agent Skills

Browse 53 skills related to supply chain security

vulnerability-scanner

21.8k
davila7davila7

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

codebase-cleanup-deps-audit

18.0k
sickn33sickn33

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago

dependency-management-deps-audit

18.0k
sickn33sickn33

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago

building-ci-pipelines

296
ancolemanancoleman

Constructs secure, efficient CI/CD pipelines with supply chain security (SLSA), monorepo optimization, caching strategies, and parallelization patterns for GitHub Actions, GitLab CI, and Argo Workflows. Use when setting up automated testing, building, or deployment workflows.

131 days ago

sbom-syft

64
AgentSecOpsAgentSecOps

Software Bill of Materials (SBOM) generation using Syft for container images, filesystems, and archives. Detects packages across 28+ ecosystems with multi-format output support (CycloneDX, SPDX, syft-json). Enables vulnerability assessment, license compliance, and supply chain security. Use when: (1) Generating SBOMs for container images or applications, (2) Analyzing software dependencies and packages for vulnerability scanning, (3) Tracking license compliance across dependencies, (4) Integrating SBOM generation into CI/CD for supply chain security, (5) Creating signed SBOM attestations for software provenance.

sbomsyftsupply-chain+5
131 days ago

sca-blackduck

64
AgentSecOpsAgentSecOps

Software Composition Analysis (SCA) using Synopsys Black Duck for identifying open source vulnerabilities, license compliance risks, and supply chain security threats with CVE, CWE, and OWASP framework mapping. Use when: (1) Scanning dependencies for known vulnerabilities and security risks, (2) Analyzing open source license compliance and legal risks, (3) Identifying outdated or unmaintained dependencies, (4) Integrating SCA into CI/CD pipelines for continuous dependency monitoring, (5) Providing remediation guidance for vulnerable dependencies with CVE and CWE mappings, (6) Assessing supply chain security risks and third-party component threats.

scablackduckdependency-scanning+5
131 days ago

dependency-manager

39
404kidwiz404kidwiz

Expert at package management and supply chain security. Use when managing dependencies, updating packages, resolving version conflicts, ensuring supply chain security, or auditing vulnerabilities in project dependencies.

131 days ago

dependency-manager

36
zenobi-uszenobi-us

Expert dependency manager specializing in package management, security auditing, and version conflict resolution across multiple ecosystems. Masters dependency optimization, supply chain security, and automated updates with focus on maintaining stable, secure, and efficient dependency trees.

131 days ago

software-security-appsec

34
vasilyu1983vasilyu1983

Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.

131 days ago

sbom-management

31
melodic-softwaremelodic-software

Software Bill of Materials management including generation, formats, vulnerability tracking, and supply chain security

131 days ago

supply-chain-security

31
melodic-softwaremelodic-software

Software supply chain security guidance covering SBOM generation, SLSA framework, dependency scanning, SCA tools, and protection against supply chain attacks like dependency confusion and typosquatting.

131 days ago

sca-security

29
hardw00thardw00t

Software Composition Analysis skill for identifying vulnerable dependencies, license compliance, and supply chain security. This skill should be used when scanning dependencies for CVEs, analyzing SBOM (Software Bill of Materials), checking license compliance, auditing npm/pip/maven/cargo packages, or assessing supply chain risks. Triggers on requests to scan dependencies, check for vulnerable packages, generate SBOM, analyze license compliance, or audit software supply chain.

131 days ago

vulnerability-scanner

28
hainamchunghainamchung

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

cicd-expert

25
martinholovskymartinholovsky

Elite CI/CD pipeline engineer specializing in GitHub Actions, GitLab CI, Jenkins automation, secure deployment strategies, and supply chain security. Expert in building efficient, secure pipelines with proper testing gates, artifact management, and ArgoCD/GitOps patterns. Use when designing pipelines, implementing security gates, or troubleshooting CI/CD issues.

131 days ago

dependency-audit

23
TibsfoxTibsfox

Provides dependency management and supply chain security practices for auditing vulnerabilities, checking licenses, assessing dependency health, and managing upgrades safely. Use when auditing packages, reviewing security, managing dependencies, or when user mentions 'audit', 'vulnerability', 'dependency', 'supply chain', 'npm audit', 'license', 'bundle size'.

131 days ago

compliance-governance

23
TibsfoxTibsfox

Provides compliance, governance, and supply chain security guidance for cloud-native systems. Covers OPA Rego policies, Kyverno cluster policies, SBOM generation, SLSA provenance, audit trail design, and regulatory framework mapping. Use when user mentions 'compliance', 'governance', 'OPA', 'kyverno', 'SBOM', 'SLSA', 'audit', 'policy-as-code', 'SOC2', 'HIPAA', 'PCI-DSS', 'artifact signing'.

131 days ago

security-architect

15
oimiragieooimiragieo

Security architecture and threat modeling. OWASP Top 10 2025 analysis, OWASP Agentic AI Top 10 (ASI01-ASI10), AI/LLM security patterns, supply chain security, modern API authentication (OAuth 2.1, DPoP, Passkeys/WebAuthn), vulnerability assessment, and security review for code and infrastructure.

131 days ago

security-practices

13
williamzujkowskiwilliamzujkowski

Modern security standards including Zero Trust Architecture, supply chain security, DevSecOps integration, and cloud-native protection

131 days ago

managing-dependencies

13
andrewandrew

Evaluates packages, manages dependencies, and addresses supply chain security. Use when adding npm/pip/cargo/bundler/go dependencies, auditing packages, reviewing lockfile changes, checking for vulnerabilities, comparing package alternatives, or assessing package trustworthiness.

131 days ago

artifact-sbom-publisher

12
patricio0312revpatricio0312rev

Produces build artifacts with Software Bill of Materials (SBOM) and supply chain metadata for security and compliance. Use for "artifact publishing", "SBOM generation", "supply chain security", or "build provenance".

131 days ago

trivy

9
mauromeddamauromedda

Security vulnerability scanner using Trivy for container images, filesystems, and IaC. Blocks CRITICAL and HIGH severity vulnerabilities before commit. Triggers on "trivy", "vulnerability scan", "security scan", "container scan", "image scan", "sbom", "cve", "dependency scan", "supply chain security", "docker scan", "scan image", "scan container", "check vulnerabilities", "security check", "license scan", "secret scan", "misconfig scan", "iac scan", "terraform scan", "kubernetes scan", "helm scan", "dockerfile scan", "package vulnerabilities", "npm audit", "pip audit", "go mod vulnerabilities", "scan dependencies", "security gate", "compliance scan", "aqua trivy". PROACTIVE: MUST invoke before committing code with new dependencies or container images.

131 days ago

isms-compliance-checking

5
Hack23Hack23

Validates all code changes against Hack23 ISMS policies, enforces ISO 27001:2022, NIST CSF 2.0, CIS Controls v8.1 alignment, ensures GDPR/NIS2/EU CRA compliance, supply chain security (OSSF Scorecard, SLSA, SBOM), and maintains required architecture documentation for Black Trigram.

131 days ago

vulnerability-scanner

5
agent-skills-hubagent-skills-hub

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

dependency-management-deps-audit

5
agent-skills-hubagent-skills-hub

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago

codebase-cleanup-deps-audit

5
agent-skills-hubagent-skills-hub

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago

security-scanning-security-dependencies

5
agent-skills-hubagent-skills-hub

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

131 days ago

vulnerability-scanner

4
ngxtmngxtm

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

codebase-cleanup-deps-audit

4
ngxtmngxtm

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues,...

131 days ago

security-scanning-security-dependencies

4
ngxtmngxtm

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

131 days ago

dependency-management-deps-audit

4
ngxtmngxtm

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues,...

131 days ago

enterprise-readiness

2
netresearchnetresearch

Use when evaluating projects for production readiness, implementing supply chain security (SLSA, signing, SBOMs), hardening CI/CD pipelines, establishing quality gates, or pursuing OpenSSF Best Practices Badge.

131 days ago

vulnerability-scanner

1
rootcastlecorootcastleco

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

agent-security

1
phazurlabsphazurlabs

Security practices for AI agent packaging, distribution, and runtime. Use when the user mentions: agent security, API key management, secrets management, model integrity, MCP security, MCP permissions, supply chain security, code signing agents, agent threats, prompt injection config, secure agent install, agent audit, security checklist, signing binaries, notarization, keychain, credential management

131 days ago

codebase-cleanup-deps-audit

1
rootcastlecorootcastleco

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues,...

131 days ago

security-scanning-security-dependencies

1
rootcastlecorootcastleco

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

131 days ago

dependency-management-deps-audit

1
rootcastlecorootcastleco

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues,...

131 days ago

Dependency Management — Deps Audit

haniakrim21haniakrim21

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago

vulnerability-scanner

haniakrim21haniakrim21

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

codebase-cleanup-deps-audit

reikiplanetreikiplanet

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, maintenance status, and supply-chain risks, and produce prioritized findings and actionable remediation recommendations.

131 days ago

Security Scanning — Dependency Security

reikiplanetreikiplanet

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess supply chain risk, generate SBOMs, and provide prioritized remediation guidance. Inputs: project manifests/lockfiles, policies, and CI context. Safety controls prevent automatic fixes without approval and mark dependency changes as release-impacting. See resources/implementation-playbook.md for detailed examples and patterns.

131 days ago

security-scanning-security-dependencies

oki3505Foki3505F

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

131 days ago

vulnerability-scanner

CaioBruggerCaioBrugger

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

vulnerability-scanner

ofelixdevofelixdev

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

Vulnerability Scanner

oki3505Foki3505F

Advanced vulnerability analysis principles: OWASP 2025, supply chain security, attack surface mapping, and risk prioritization.

131 days ago

vulnerability-scanner

reikiplanetreikiplanet

Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.

131 days ago

container-workflows

sammasaksammasak

Use when building container images, writing Dockerfiles, pushing to registries, or optimizing image size and security. Guides rootless builds, multi-stage patterns, and supply chain security.

131 days ago

Security Scanning — Dependency Security

haniakrim21haniakrim21

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

131 days ago

codebase-cleanup-deps-audit

oki3505Foki3505F

You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.

131 days ago
ClawiskillClawiskill
Network
Building with
?

Join Clawiskill today. The decentralized skill network for AI Agents.

Registry
70K+
Agent Joins
120K+
Explore Network