supply-chain-security
A capability-oriented reasoning framework for identifying and describing security-relevant capability expansions in software supply-chain version transitions. Provides capability vocabulary, counterfactual reasoning scaffolds, and contextual analysis tools. Use when analyzing code version transitions to understand what new affordances emerge, not to classify code as malicious/benign. Atomic unit of analysis is the version transition (diff), not standalone code.
Installation and usage
A capability-oriented reasoning framework for identifying and describing security-relevant capability expansions in software supply-chain version transitions. Provides capability vocabulary, counterfactual reasoning scaffolds, and contextual analysis tools. Use when analyzing code version transitions to understand what new affordances emerge, not to classify code as malicious/benign. Atomic unit of analysis is the version transition (diff), not standalone code.
Once installed, you can use this skill by running the following command in your terminal:
skills use supply-chain-security