home/categories/git-workflows/mukul975-anthropic-cybersecurity-skills-skills-detecting-supply-chain-attacks-in-ci-cd-skill-md
git-workflowsdevops
detecting-supply-chain-attacks-in-ci-cd
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned actions, script injection via expressions, dependency confusion, and secrets exposure. Uses PyGithub and YAML parsing for automated audit. Use when hardening CI/CD pipelines or investigating compromised build systems.
maintainer
mukul975
업데이트됨 4/6/2026
스타
4240
포크
464
quick start
Installation and usage
Scans GitHub Actions workflows and CI/CD pipeline configurations for supply chain attack vectors including unpinned actions, script injection via expressions, dependency confusion, and secrets exposure. Uses PyGithub and YAML parsing for automated audit. Use when hardening CI/CD pipelines or investigating compromised build systems.
설치
$ install --globalskills.sh
사용법
설치 후 터미널에서 다음 명령을 실행하여 이 스킬을 사용할 수 있습니다:
skills use detecting-supply-chain-attacks-in-ci-cd