skills.homes logoskills.homescapability registry
home/categories/package-distribution/yaklang-hack-skills-skills-dependency-confusion-skill-md
cd ..
package-distributiondevelopment

dependency-confusion

Supply-chain testing via package-manager dependency confusion: when internal package names resolve to attacker-controlled public registries, leading to malicious install and script execution. Use for npm/pip/gem/Maven/Composer/Docker manifest review and authorized red-team supply-chain exercises.

ソースを表示package-distribution
yaklang
maintainer
yaklang
更新日 4/8/2026
スター
83
フォーク
10
quick start

Installation and usage

Supply-chain testing via package-manager dependency confusion: when internal package names resolve to attacker-controlled public registries, leading to malicious install and script execution. Use for npm/pip/gem/Maven/Composer/Docker manifest review and authorized red-team supply-chain exercises.

インストール
$ install --globalskills.sh
使い方

インストール後、ターミナルで以下のコマンドを実行してこのスキルを使用できます:

skills use dependency-confusion