원클릭으로 Manus에서 모든 스킬 실행

aigate-scan

Scan a lockfile or requirements file for supply chain attacks. Use when: reviewing requirements.txt, package-lock.json, Cargo.lock, Gemfile.lock, composer.lock, pubspec.lock, go.sum, yarn.lock, pnpm-lock.yaml. Also use when auditing project dependencies or onboarding to a new codebase. ALWAYS run this when you see a lockfile or dependency manifest.

Manus에서 실행

개요

설치 명령

npx skills add https://github.com/ImL1s/aigate --skill aigate-scan

이 명령을 Claude Code에 복사하여 붙여넣어 스킬을 설치하세요

출처

ImL1s/aigate

스타2

포크1

업데이트2026년 3월 29일 06:28

SKILL.md

readonly

name	aigate-scan
description	Scan a lockfile or requirements file for supply chain attacks. Use when: reviewing requirements.txt, package-lock.json, Cargo.lock, Gemfile.lock, composer.lock, pubspec.lock, go.sum, yarn.lock, pnpm-lock.yaml. Also use when auditing project dependencies or onboarding to a new codebase. ALWAYS run this when you see a lockfile or dependency manifest.

When to trigger

You MUST run aigate scan when you encounter or are asked to review:

requirements.txt, requirements/*.txt, Pipfile.lock, poetry.lock
package-lock.json, yarn.lock, pnpm-lock.yaml
Cargo.lock
Gemfile.lock
composer.lock
pubspec.lock
go.sum
Any dependency manifest or lockfile

Also trigger when:

Onboarding to a new project / cloning a repo
Reviewing a PR that modifies dependency files
A user asks "are my dependencies safe?"

How to use

aigate scan <lockfile>

Examples

# Python
aigate scan requirements.txt
aigate scan poetry.lock

# Node.js
aigate scan package-lock.json
aigate scan yarn.lock

# Rust
aigate scan Cargo.lock

# Multiple files
aigate scan requirements.txt && aigate scan package-lock.json

Interpret exit codes

Exit 0 = All dependencies are SAFE.
Exit 1 = Some dependencies are SUSPICIOUS. Show the flagged packages.
Exit 2 = MALICIOUS dependencies found. Alert the user immediately. List all flagged packages and recommend removal.
Exit 3 = ERROR. Could not complete the scan.

If aigate is not installed

pip install aigate
# or
uv pip install aigate

Then re-run the scan.

Important

For large lockfiles, the scan may take a minute. This is normal.
Report all flagged packages, not just the first one.
Suggest aigate check <package> -e <ecosystem> for deeper analysis of any suspicious package.

이 저장소의 다른 Skills

같은 저장소

add-backend

ImL1s/aigate

Scaffold a new AI backend that implements AIBackend.analyze() — add file under src/aigate/backends/, register in BACKEND_MAP, wire unit tests. Use when adding support for a new AI model / provider.

2026-04-212

e2e

ImL1s/aigate

Run only the E2E test suite (no full 705-test unit battery). Two modes — Docker-sandboxed (scripts/run-e2e.sh) or direct pytest (tests/e2e/).

2026-04-212

release

ImL1s/aigate

Cut a new PyPI release — bump version in pyproject.toml, run scripts/publish.sh, tag, and hand off the final `uv publish` step to the user.

2026-04-212

aigate-check

ImL1s/aigate

Check any package for supply chain attacks before installing. Use when: pip install, npm install, yarn add, pnpm add, cargo add, gem install, composer require, flutter pub add, go get, dotnet add package. Also use when someone suggests installing a package or dependency. ALWAYS run this before installing anything — no exceptions.

2026-03-292

check-package

ImL1s/aigate

Analyze a package with aigate CLI (static pre-filter + optional AI analysis). Usage: /check-package <name> [version] [ecosystem]

2026-03-282

verify

ImL1s/aigate

Run lint, format check, and all tests to verify code quality before committing.

2026-03-282

출처

ImL1s

ImL1s/aigate

GitHub 저장소 열기 Creator 저장소 보기

설치 명령

다운로드

Manus에서 실행

유용한 대상SOC

정보 보안 분석가컴퓨터 및 수학직15-1212L4

name	aigate-scan
description	Scan a lockfile or requirements file for supply chain attacks. Use when: reviewing requirements.txt, package-lock.json, Cargo.lock, Gemfile.lock, composer.lock, pubspec.lock, go.sum, yarn.lock, pnpm-lock.yaml. Also use when auditing project dependencies or onboarding to a new codebase. ALWAYS run this when you see a lockfile or dependency manifest.

When to trigger

You MUST run aigate scan when you encounter or are asked to review:

requirements.txt, requirements/*.txt, Pipfile.lock, poetry.lock
package-lock.json, yarn.lock, pnpm-lock.yaml
Cargo.lock
Gemfile.lock
composer.lock
pubspec.lock
go.sum
Any dependency manifest or lockfile

Also trigger when:

Onboarding to a new project / cloning a repo
Reviewing a PR that modifies dependency files
A user asks "are my dependencies safe?"

How to use

aigate scan <lockfile>

Examples

# Python
aigate scan requirements.txt
aigate scan poetry.lock

# Node.js
aigate scan package-lock.json
aigate scan yarn.lock

# Rust
aigate scan Cargo.lock

# Multiple files
aigate scan requirements.txt && aigate scan package-lock.json

Interpret exit codes

Exit 0 = All dependencies are SAFE.
Exit 1 = Some dependencies are SUSPICIOUS. Show the flagged packages.
Exit 2 = MALICIOUS dependencies found. Alert the user immediately. List all flagged packages and recommend removal.
Exit 3 = ERROR. Could not complete the scan.

If aigate is not installed

pip install aigate
# or
uv pip install aigate

Then re-run the scan.

Important

For large lockfiles, the scan may take a minute. This is normal.
Report all flagged packages, not just the first one.
Suggest aigate check <package> -e <ecosystem> for deeper analysis of any suspicious package.