ワンクリックでManusで任意のスキルを実行

supply-chain-audit

スター9

フォーク0

更新日2026年5月12日 15:34

Audit npm/pip/Docker/GitHub Actions for supply chain risks; apply cooldown, lockfile, ignore-scripts, SHA pinning, scanning after approval. Use for 'supply chain audit', 'harden dependencies'. Skip for runtime vulns, secret scanning, code review.

インストール

Codex または Claude でインストールこの Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。

Manusで実行

ソース

Montimage

Montimage/skills

GitHub リポジトリを開く Creator のリポジトリを見る

ダウンロード

Manusで実行

関連職種SOC

SOC 職業分類に基づく

情報セキュリティアナリストコンピュータ・数学職·SOC 15-1212

ファイルエクスプローラー

12 ファイル

SKILL.md

readonly

このリポジトリの他の Skills

同じリポジトリ

branch-inspector

Montimage/skills

Inspect one git branch vs main: overview of commits, diff, merge/PR status, staleness; user picks delete/archive/PR/keep; emit action plan. Use for 'review this branch', 'branch cleanup'. Skip for repo audits, multi-branch sweeps, PR code review.

2026-05-069

oss-ready

Montimage/skills

Add OSS-standard files (README, CONTRIBUTING, LICENSE, CODE_OF_CONDUCT, SECURITY, GitHub templates) and run an 8-section readiness audit. Use for 'make this open source', 'OSS readiness', 'public release'. Skip for marketing pages or closed code.

2026-05-069

oss-ready-flow

Montimage/skills

Prepare a repository for end-to-end OSS release across 6 sub-agent steps: audit, branch cleanup, docs, README, publications, optional Pages. Use for 'full OSS prep', 'OSS release flow', 'open-source this repo'. Skip for audit-only (use oss-ready) or single-doc edits.

2026-05-069

devops-pipeline

Montimage/skills

Implement pre-commit hooks and GitHub Actions for quality assurance. Use when asked to "setup CI/CD", "add pre-commit hooks", "create GitHub Actions", "setup quality gates", "automate testing", "add linting to CI", "setup code quality checks", "configure CI pipeline", "add automated checks", or any DevOps automation for code quality. Detects project type and configures appropriate tools. Trigger this skill whenever the user mentions CI, CD, pre-commit, GitHub Actions, linting automation, or quality gates — even if they don't use those exact terms.

2026-03-259

docs-generator

Montimage/skills

Restructure project documentation for clarity and accessibility. Use when users ask to "organize docs", "generate documentation", "improve doc structure", "restructure README", "write docs", "create README", "document my code", "add API docs", "document this project", "help with documentation", or need to reorganize scattered documentation into a coherent structure. Analyzes project type and creates appropriate documentation hierarchy. Trigger this skill whenever the user needs documentation created, reorganized, or improved — even if they just say something like "this project needs docs" or "the README is a mess".

2026-03-259

install-script-generator

Montimage/skills

Generate cross-platform installation scripts for any software, library, or module. Use when users ask to "create an installer", "generate installation script", "automate installation", "setup script for X", "install X on any OS", "write an install script", "deployment script", or need automated deployment across Windows, Linux, and macOS. Follows a three-phase approach with environment detection, installation planning with verification/rollback, and documentation generation. Trigger this skill whenever the user wants to automate installing or deploying software, even if they just say "how do I install X everywhere".

2026-03-259

name	supply-chain-audit
description	Audit npm/pip/Docker/GitHub Actions for supply chain risks; apply cooldown, lockfile, ignore-scripts, SHA pinning, scanning after approval. Use for 'supply chain audit', 'harden dependencies'. Skip for runtime vulns, secret scanning, code review.
effort	high
metadata	{"version":"1.0.0","author":"Montimage"}

Supply Chain Audit

Audits a project for the controls that block supply chain attacks — compromised packages, poisoned transitive dependencies, malicious post-install scripts, untrusted base images, hijacked GitHub Actions. Then proposes a layered remediation plan and applies it after explicit user approval.

The skill follows a strict four-phase workflow: detect → audit → plan → apply. Phase boundaries are gates the user crosses, not steps the agent powers through. Do not jump ahead.

When to use

The user says "audit supply chain", "harden dependencies", "avoid supply chain attack", "lock down npm/pypi".
The user mentions a recent attack (Axios, TanStack, ultralytics, etc.) and wants to defend against the next one.
The user is preparing a project for production / public release and wants the dependency surface tightened.

Do not use this skill for:

Runtime application vulnerabilities (use a SAST/DAST tool or code-review).
Secret scanning in commits (different attack vector).
Generic dependency updates without a security goal (use Renovate/Dependabot directly).
Cloud infra hardening (IAM, network policies) — out of scope.

Repo Sync Before Edits (mandatory)

The apply phase mutates files in the repo (.npmrc, pyproject.toml, Dockerfile, workflow YAMLs). Before any edit, sync with the remote so changes don't land on a stale base:

branch="$(git rev-parse --abbrev-ref HEAD)"
git fetch origin
git pull --rebase origin "$branch"

If the working tree is dirty: git stash → sync → git stash pop. If origin is missing or a rebase conflict appears, stop and ask the user before continuing. Do not skip this — applying changes on a stale tree leaves the user with a confusing rebase to untangle.

Inputs

The skill runs against the current working directory by default. If the user names a subdirectory ("audit services/api"), cd into it before detection. The skill never crosses repository boundaries on its own.

If the repo is a monorepo with multiple ecosystems (a package.json and a pyproject.toml and a Dockerfile), audit each in turn — do not silently pick one.

Prerequisites

Verify before running. Stop and tell the user if any check fails.

Current directory is inside a git repository (git rev-parse --git-dir succeeds). The skill needs git so it can show the user the exact diff before applying.
At least one supported ecosystem manifest exists (see Phase 1). If none, tell the user and exit cleanly — there is nothing to harden.

Phase 1 — Detect ecosystems

Identify which ecosystems are in play. The scripts/detect_ecosystems.sh helper prints one line per detected ecosystem; use it as a starting point and verify by reading the manifest files yourself.

Supported ecosystems:

Ecosystem	Trigger files
npm/Node	`package.json`, `package-lock.json`, `pnpm-lock.yaml`, `yarn.lock`
Python	`pyproject.toml`, `requirements*.txt`, `Pipfile`, `uv.lock`, `poetry.lock`
Docker	`Dockerfile`, `Dockerfile.`, `docker-compose.y*ml`
GitHub Actions	`.github/workflows/.yml`

If the repo has multiple, the audit covers each one and the report has one section per ecosystem. If none of these exist, exit with a one-line message ("No supported ecosystems detected — nothing to audit.") and stop.

For each ecosystem detected, read its reference file before auditing:

references/npm.md — npm, pnpm, yarn checks and remediation.
references/python.md — pip, uv, Poetry, Pipenv checks and remediation.
references/docker.md — Dockerfile and image controls.
references/github-actions.md — workflow pinning, permissions, OIDC.

Do not load reference files for ecosystems that aren't present. Token discipline matters here — a pure-npm project should never read docker.md.

Print the Phase 1 completion report:

◆ Detect (phase 1 of 4 — read-only)
··································································
  Git repository:        √ pass
  Manifest scan:         √ pass (N ecosystems found)
  Reference files read:  √ pass (npm, docker)
  Multiple-lockfile:     √ none | × flagged (note)
  Criteria:              √ 4/4 met
  ____________________________
  Result:                PASS

Phase 2 — Audit and report

For each detected ecosystem, walk the checklist in its reference file. Each check resolves to one of:

present — the control is in place and correctly configured.
partial — the control exists but is weak (e.g., lockfile committed but no npm ci in CI).
missing — the control is absent.
n/a — does not apply (e.g., no CI yet).

Emit the audit report using the template in references/audit-report.md. The report must:

Begin with an Executive summary — one line per ecosystem with a posture rating (Strong / Moderate / Weak / Critical) computed per references/scoring.md.
List Findings grouped by ecosystem, sorted by severity (Critical → High → Medium → Low).
End with a Recommended changes preview — a numbered list of fixes the skill can apply, each with a one-line impact statement.

Do not propose fixes for things you didn't actually inspect. If you can't tell whether a control is in place (e.g., CI config in a private system), mark it unknown and ask the user.

After emitting the report, stop and wait for the user to decide whether to proceed to Phase 3. Do not auto-roll into planning. The audit alone is a valid deliverable.

Print the Phase 2 completion report:

◆ Audit (phase 2 of 4 — report only)
··································································
  Ecosystems detected:   √ pass (npm, docker, github-actions)
  Findings collected:    √ pass (N findings)
  Severities assigned:   √ pass
  Posture computed:      √ pass
  Criteria:              √ 4/4 met
  ____________________________
  Result:                PASS

Phase 3 — Plan changes

Only enter Phase 3 if the user explicitly agrees. A reply like "looks good" or "interesting" is not approval to plan — ask "Shall I draft a change plan?" if intent is ambiguous.

Use the template in references/change-plan.md. For every proposed change, the plan must state:

File: the exact path that will be created or modified.
Change: the diff snippet (added / removed lines), not a prose summary.
Why: one line linking back to a finding in the audit.
Impact: what could break — developer ergonomics, CI duration, install behavior. Be honest about cost. Examples:
- ignore-scripts=true breaks packages that legitimately need postinstall (e.g., native modules). Call this out.
- A 7-day min-release-age delays security patches; tell the user how to fast-track an override.
- Pinning Actions to SHA breaks dependabot auto-bumps unless paired with a SHA-aware updater.
Reversibility: how to undo if the user regrets it (git revert is fine, but mention it).

Group changes by ecosystem, ordered by severity (apply Critical first). If two changes touch the same file, show them as one combined diff so the user can reason about the final state.

Never include in the plan: changes the audit didn't justify, "while I'm here" cleanups, refactors of unrelated code, dependency upgrades that aren't security-driven. Scope stays inside the audit's findings.

After emitting the plan, stop and wait for explicit approval. Ask: "Approve the plan, approve a subset (list IDs), or reject?" Accept partial approval — the user may want to skip the cooldown setting but accept everything else.

Print the Phase 3 completion report:

◆ Plan (phase 3 of 4 — proposed diffs, nothing applied)
··································································
  Findings covered:      √ N/N from audit
  Out-of-scope changes:  √ none
  Diffs included:        √ pass (every change has a diff block)
  Impact statements:     √ pass (every change names a downside)
  Reversibility lines:   √ pass
  Criteria:              √ 5/5 met
  ____________________________
  Result:                PASS

Phase 4 — Apply

Only enter Phase 4 with explicit approval from Phase 3. If the user approved a subset, apply only those items.

For each approved change:

Read the target file (if it exists) before editing. Use Read then Edit — do not Write over a file blindly.
Apply the change exactly as it appeared in the plan. If you discover the file's actual contents differ from what the plan assumed, stop, tell the user, and ask whether to adjust.
After the edit, show a unified diff (git diff -- <file>) so the user sees what landed.

After all approved edits:

Run the project's existing install/lint/test commands if cheap (npm ci, uv sync, docker build --check). Do not run anything that takes more than a minute without asking. If a check fails, surface the failure but do not auto-revert — let the user decide.
Do not commit. Do not push. The user commits the diff themselves so they review it in their own tooling.
Print the Phase 4 completion report:

◆ Apply (phase 4 of 4 — local changes only)
··································································
  Changes approved:      √ N items
  Changes applied:       √ N items
  Files modified:        √ <list>
  Sanity checks:         √ pass | × failed (note)
  Commit:                — left to user (intentional)
  Criteria:              √ 4/4 met
  ____________________________
  Result:                PASS

Output and writing rules

Never invent findings. If a check requires running a command you can't run in this environment, say so and skip the check — don't fabricate the answer.
Quote file contents verbatim when reporting on them. Don't paraphrase .npmrc or a workflow YAML.
Severity discipline. Reserve Critical for controls that actively prevent attacks documented in the wild (no cooldown, postinstall enabled, Actions pinned by tag). Reserve High for controls that materially reduce blast radius. Medium and Low are for hygiene.
Show the diff, not just the intent. The user must be able to copy-paste your proposed change and see the same thing land.

Optional follow-ups (offer only after Phase 4)

After applying, offer — don't auto-run:

Set up Renovate or Dependabot with minimumReleaseAge (point to references/renovate.md if you add one later).
Generate an SBOM with Syft (syft . -o cyclonedx-json > sbom.json).
Schedule a follow-up audit in 90 days via /schedule.

Reference index

references/npm.md — npm/pnpm/yarn audit & remediation.
references/python.md — pip/uv/Poetry/Pipenv audit & remediation.
references/docker.md — Dockerfile and image checks.
references/github-actions.md — workflow hardening.
references/audit-report.md — Phase 2 report template.
references/change-plan.md — Phase 3 plan template.
references/scoring.md — posture rating rubric.
scripts/detect_ecosystems.sh — one-liner ecosystem detection.