Loading...
Loading...
Found 2 Skills
Audit JS supply-chain hygiene (Safe Chain on dev machine, .npmrc/equivalent in repo, GitHub Actions CI gates, CONTRIBUTING.md mention) and offer interactive fixes. INVOKE ONLY when the user explicitly types `/supply-chain-check` — do NOT auto-invoke based on project type, lockfile presence, security mentions, or any related context.
Run a reusable JavaScript supply-chain security baseline with pnpm-first hardening, release-age gating, lifecycle-script controls, exotic dependency checks, CI install checks, and optional incident IOC profiles.