athola/supply-chain-advisory
plugins/leyline/skills/supply-chain-advisory/SKILL.md
Audits dependency supply chains for bad versions, lockfile drift, and artifact integrity. Use when adding deps, handling incidents, or releasing a plugin.
$ install --global
skillsauthnpx skillsauth add athola/claude-night-market supply-chain-advisoryInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 27, 2026, 4:53 AM373.7s4 files scanned
SKILL.md
- name:
- supply-chain-advisory
- description:
- Audits dependency supply chains for bad versions, lockfile drift, and artifact integrity. Use when adding deps, handling incidents, or releasing a plugin.
- alwaysApply:
- false
- category:
- infrastructure
- complexity:
- intermediate
- model_hint:
- standard
- estimated_tokens:
- 500
- progressive_loading:
- true
- role:
- hook-target
Overview
Supply chain attacks bypass traditional code review by compromising upstream dependencies. This skill provides patterns for detecting, preventing, and responding to compromised packages in Python ecosystems.
When To Use
- After a supply chain advisory is published
- When auditing dependencies for a new or existing project
- During incident response for a suspected compromise
- When adding the SessionStart hook to a project
When NOT To Use
- General CVE triage unrelated to dependency supply chain
- Application-level vulnerability scanning (use a SAST tool)
- License compliance audits (different concern)
Known-Bad Versions Blocklist
The blocklist is at ${CLAUDE_SKILL_DIR}/known-bad-versions.json.
It is consumed by:
- SessionStart hook — warns per-session when compromised versions detected
make supply-chain-scan— CI/local scanning target- This skill — manual audit guidance
Blocklist Format
{
"package_name": [{
"versions": ["x.y.z"],
"date": "YYYY-MM-DD",
"description": "What the attack did",
"indicators": ["files or patterns to search for"],
"source": "advisory URL",
"severity": "critical|high|medium"
}]
}
Adding a New Entry
- Add the entry to
${CLAUDE_SKILL_DIR}/known-bad-versions.json - Add version exclusions (
!=x.y.z) to affectedpyproject.tomlfiles - Document in
docs/dependency-audit.mdunder Supply Chain Incidents - Run
make supply-chain-scanto verify detection works
Quick Scan Commands
Check all lockfiles on machine for known-bad versions
# Scan uv.lock files for a specific compromised version
grep -r "package_name.*version" --include="uv.lock" /path/to/projects
# Search for malicious artifacts
find /path/to/projects -name "suspicious_file.pth" 2>/dev/null
# Check installed versions in virtualenvs
find /path/to/projects -path "*/.venv/lib/*/PACKAGE*/METADATA" \
-exec grep "^Version:" {} +
Verify lockfile hash integrity
uv.lock includes SHA256 hashes for every package. If a package is
re-published with different content under the same version, uv sync
will fail with a hash mismatch. This is your strongest automatic defense.
Defense Layers
| Layer | Tool | Catches |
|-------|------|---------|
| Lockfile hashes | uv.lock SHA256 | Tampered re-published versions |
| Version exclusions | pyproject.toml != | Known-bad versions on fresh resolve |
| SessionStart hook | sanctum hook | Per-session warning for compromised deps |
| CI scanning | OSV, Safety | CVE database, and advisory matching |
| Artifact scanning | make supply-chain-scan | Malicious files (.pth, scripts) |
Limitations
- Zero-day supply chain attacks have no prior advisory — lockfile hashes are the only automatic defense during the attack window
- Safety/CVE databases lag behind real-world compromises
- OSV provides broader coverage but is still reactive
Related Skills
athola/friction-detector
tools
VerifiedTrustedCommunity
Detect friction signals; graduate patterns into rules. Use for session retrospectives.
300SKILL.mdUpdated Apr 23, 2026
athola/validate-mr
testing
VerifiedTrustedCommunity
Use when you need a diff-derived test plan for an MR — reads the diff, groups changes by area, runs targeted verifications, and proves revert-tests are genuine guards, not dead assertions.
294SKILL.mdUpdated May 30, 2026
athola/palace-index-curator
development
VerifiedTrustedCommunity
Curate the web-capture index. Use when the capture backlog grows, captures sit unprocessed at seedling/pending, or to surface stored research during work.
294SKILL.mdUpdated May 30, 2026
athola/memory-clarity-probe
testing
VerifiedTrustedCommunity
Probe memory/summary clarity via dual anchor questions: task progress, info gaps. Use when verifying session state or summary before handoff or compression.
294SKILL.mdUpdated May 30, 2026