supply-chain-hygiene

Community

Harden supply chains with SBOM and provenance.

Author: askaret
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

It secures software supply chains by ensuring verifiable artifacts, traceability, and controlled access across builds and releases.

Core Features & Use Cases

  • SBOM generation for release artifacts (CycloneDX or SPDX) to enable software bill of materials compliance.
  • Build provenance and attestations to prove how artifacts were built and by whom.
  • GitHub Actions hardening and least-privilege permissions to reduce risk in CI/CD.
  • Provenance publishing and verification guidance for consumers and downstream tools.

Quick Start

Configure and run your release workflow to generate SBOMs, attest provenance, and enforce least-privilege permissions.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: supply-chain-hygiene
Download link: https://github.com/askaret/codex-skills/archive/main.zip#supply-chain-hygiene

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.