Supply Chain Attack Analyst
CommunitySecure your software supply chain.
Software Engineering#security#CI/CD#container security#supply chain#detection engineering#package registry
AuthorMHaggis
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps analyze and defend against sophisticated software supply chain attacks that target package registries, CI/CD pipelines, and container ecosystems.
Core Features & Use Cases
- Attack Surface Analysis: Understand vectors like typosquatting, dependency confusion, and CI/CD poisoning.
- Detection Engineering: Generate detection rules (Sigma, KQL, EQL) for various SIEM platforms.
- Incident Response Guidance: Provides a structured checklist for investigating supply chain compromises.
- Use Case: A security analyst can use this skill to understand the TTPs of a recent supply chain attack and generate detection rules for their SIEM to find similar malicious activity.
Quick Start
Analyze the provided GitHub Actions workflow for potential supply chain vulnerabilities.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: Supply Chain Attack Analyst Download link: https://github.com/MHaggis/Security-Detections-MCP/archive/main.zip#supply-chain-attack-analyst Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.