Dependency and lockfile supply-chain security review with 2025–2026 attack campaign patterns. Use when reviewing package.json, pyproject.toml, requirements.txt, pixi.toml, conda-lock.yml, or any lockfile; when evaluating a new dependency for addition; or when responding to a supply-chain compromise incident. Contains patterns for detecting maintainer-account-takeover style attacks that CVE scanners miss.
설치
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
Dependency and lockfile supply-chain security review with 2025–2026 attack campaign patterns. Use when reviewing package.json, pyproject.toml, requirements.txt, pixi.toml, conda-lock.yml, or any lockfile; when evaluating a new dependency for addition; or when responding to a supply-chain compromise incident. Contains patterns for detecting maintainer-account-takeover style attacks that CVE scanners miss.
Supply Chain Dependency Security
Threat Model (2025–2026)
The dominant supply-chain threat is maintainer account takeover of legitimate, widely-trusted packages — not typosquatting. Your CVE scanner will not catch these.
Active campaigns:
Shai-Hulud: 500+ npm packages compromised via maintainer account takeover
TeamPCP: Trivy, Checkmarx, LiteLLM, Bitwarden CLI, SAP CAP — targeted at security tooling
axios: 100M weekly downloads; compromise via release tag hijack
LiteLLM 1.82.8: malicious .pth file injected for persistent execution on every Python startup
New dependencies are held for ≥7 days before merging — most malicious releases are yanked within hours
Version pins in lockfile match expected package metadata (author, homepage, hash)
No unpinned latest or * in production dependency specs
Incident response
When a compromise is reported:
Identify affected version range from the advisory
Check if that version range is in the lockfile
Check if the install was cached (CI cache may still contain the compromised version)
Rotate any secrets or tokens accessible from the CI environment where the package ran
Check for persistence artifacts: .pth files, postinstall side effects, modified node_modules/.bin/
Findings format
Name the vulnerability class, cite the package name + version + advisory or campaign name, state blast radius (what can the package access at install time), and propose the fix (version pin, lockfile update, --ignore-scripts).