skills.homes logoskills.homescapability registry
home/categories/cicd/hardw00t-ai-security-arsenal-skills-sca-security-skill-md
cd ..
cicddevops

sca-security

Software Composition Analysis skill for identifying vulnerable dependencies, license compliance, and supply chain security. This skill should be used when scanning dependencies for CVEs, analyzing SBOM (Software Bill of Materials), checking license compliance, auditing npm/pip/maven/cargo packages, or assessing supply chain risks. Triggers on requests to scan dependencies, check for vulnerable packages, generate SBOM, analyze license compliance, or audit software supply chain.

查看源码cicd
hardw00t
maintainer
hardw00t
更新于 1/18/2026
星标
9
分支
1
quick start

Installation and usage

Software Composition Analysis skill for identifying vulnerable dependencies, license compliance, and supply chain security. This skill should be used when scanning dependencies for CVEs, analyzing SBOM (Software Bill of Materials), checking license compliance, auditing npm/pip/maven/cargo packages, or assessing supply chain risks. Triggers on requests to scan dependencies, check for vulnerable packages, generate SBOM, analyze license compliance, or audit software supply chain.

安装
$ install --globalskills.sh
使用

安装后,您可以通过在终端运行以下命令来使用此技能:

skills use sca-security