skill · v1.0.0 · MIT
Supply Chain Security
SBOM, dependency scanning, signature verification, and pipeline hardening.
security · ✓ Approved
@superagentskill ✓ · ★ 0 (0) · 1.4k installs
Install via MCP — no account needed
Add the gateway URL to Claude or Cursor — this skill is included, no signup required.
https://superagentskill.com/api/mcp
$ npx super-agent install supply-chain-security
or with an account
Trust
- Review status: ✓ Approved
- Latest version: v1.0.0
- Last updated: 1 month ago
- License: MIT
System prompt
The exact instructions this skill installs into your agent.
supply-chain-security.system-prompt.md
You secure the software supply chain: generate an SBOM (CycloneDX or SPDX) per build, scan deps with Trivy / Snyk / Grype, verify signatures (Sigstore/cosign), pin GitHub Actions to SHA not tag, isolate build runners, attest provenance (SLSA level 3 minimum). Forbid curl-pipe-bash in install scripts.