ワンクリックで
supply-chain-security
Software supply chain security reference for OpenSSF Scorecard, SLSA, Sigstore, SBOM, and posture/backlog taxonomies.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Software supply chain security reference for OpenSSF Scorecard, SLSA, Sigstore, SBOM, and posture/backlog taxonomies.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
Canonical documentation capability for audit, drift, validate, and author modes in hve-core.
Text-to-speech voice-over generation from YAML speaker notes using Azure Speech SDK with SSML pronunciation control
PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling
Authors Vally conformance tests for prompts, instructions, agents, and skills, including refusals for jailbreak, prompt-injection, harmful-elicitation, TOS, CoC, and PII-extraction stimuli
Manage GitLab merge requests and pipelines with a Python CLI
Jira issue workflows for search, issue updates, transitions, comments, and field discovery via the Jira REST API. Use when you need to search with JQL, inspect an issue, create or update work items, move an issue between statuses, post comments, or discover required fields for issue creation.
| name | supply-chain-security |
| description | Software supply chain security reference for OpenSSF Scorecard, SLSA, Sigstore, SBOM, and posture/backlog taxonomies. |
| license | MIT |
| user-invocable | true |
This skill packages the durable software supply chain security (SSSC) reference material: open-standard catalogs, the combined capabilities inventory, and the classification taxonomies used to assess a repository's posture and turn gaps into prioritized work items.
Use this skill when you need to:
Load the reference file for the topic you need. Each file holds the verbatim standard catalog or taxonomy.
| Reference | Topic |
|---|---|
| references/00-index.md | Navigation catalog for every reference in this skill |
| references/openssf-scorecard.md | OpenSSF Scorecard 20 checks with risk levels and score ranges |
| references/slsa-levels.md | SLSA v1.0 Build track levels L0 through L3 |
| references/best-practices-badge.md | OpenSSF Best Practices Badge Passing, Silver, and Gold criteria |
| references/sigstore-maturity.md | Sigstore (cosign) adoption maturity levels |
| references/sbom-elements.md | NTIA SBOM minimum elements and format guidance |
| references/capabilities-inventory.md | 27 combined capabilities across hve-core, PAT, and shared sets |
| references/adoption-categories.md | Six adoption categories, effort sizing, and concern levels |
| references/scorecard-check-mapping.md | Full 20-check implementation and adoption reference mapping |
| references/priority-derivation.md | Risk level to priority and execution order derivation |
Standard catalogs in this skill derive from their respective upstream projects. Per-reference attribution appears at the bottom of each reference file. See references/00-index.md for the consolidated attribution summary.