skills.homes logoskills.homescapability registry
home/categories/git-workflows/mukul975-anthropic-cybersecurity-skills-skills-detecting-supply-chain-attacks-in-ci-cd-skill-md
cd ..
git-workflowsdevops

detecting-supply-chain-attacks-in-ci-cd

Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned actions, script injection via expressions, dependency confusion, and secrets exposure. Uses PyGithub and YAML parsing for automated audit. Use when hardening CI/CD pipelines or investigating compromised build systems.

عرض المصدرgit-workflows
mukul975
maintainer
mukul975
آخر تحديث 4/6/2026
النجوم
4240
التفرعات
464
quick start

Installation and usage

Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned actions, script injection via expressions, dependency confusion, and secrets exposure. Uses PyGithub and YAML parsing for automated audit. Use when hardening CI/CD pipelines or investigating compromised build systems.

التثبيت
$ install --globalskills.sh
الاستخدام

بعد التثبيت، يمكنك استخدام هذه المهارة بتشغيل الأمر التالي في الطرفية:

skills use detecting-supply-chain-attacks-in-ci-cd