Found 65 Skills
MUST be used whenever fixing dependency issues in a Dune app. This skill finds AND fixes vulnerabilities, outdated packages, deprecated dependencies, and license issues — it does not just report them. Triggers: dependencies, packages, fix dependencies, update packages, fix vulnerabilities, npm audit fix, pnpm audit fix, CVE fix, outdated, deprecated, supply chain, license.
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
Advanced vulnerability analysis principles. OWASP 2025, Supply Chain Security, attack surface mapping, risk prioritization.
Run Syft to generate Software Bill of Materials (SBOM) from container images and filesystems. Outputs CycloneDX or SPDX formats for supply chain compliance.
Use this skill when auditing AI agent skills for security vulnerabilities, prompt injection, permission abuse, supply chain risks, or structural quality. Triggers on skill review, security audit, skill safety check, prompt injection detection, skill trust verification, skill quality gate, and any task requiring security analysis of AI agent skill files.
Analyze and mitigate the bullwhip effect where demand variability amplifies upstream in supply chains. Use this skill when the user needs to diagnose order variability amplification, quantify the bullwhip ratio, or implement dampening strategies — even if they say 'why are our orders so volatile', 'supply chain variability', or 'demand amplification problem'.
When the user wants to implement shipment tracking, product traceability, or supply chain visibility. Also use when the user mentions "tracking," "traceability," "visibility," "serialization," "lot tracking," "batch tracking," "chain of custody," "provenance," "track and trace," or "shipment monitoring." For control towers, see control-tower-design. For compliance, see compliance-management.
You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.
Modern application security patterns aligned with OWASP Top 10:2025 (final), OWASP API Security Top 10 (2023), NIST SSDF, zero trust (incl. NSA ZIGs 2026), supply chain security (SBOM), passkeys/WebAuthn, authentication, authorization, input validation, cryptography, plus security ROI, breach cost modeling, and compliance-driven enterprise sales.
Modern security standards including Zero Trust Architecture, supply chain security, DevSecOps integration, and cloud-native protection
Run Confused and GuardDog to detect dependency confusion and typosquatting risks. Checks if internal package names exist on public registries and identifies malicious packages.
1688 Factory and Wholesale Price Inquiry Tool. Use this skill when you need to find factories, obtain wholesale prices, and source supply chain resources on 1688. Enter product keywords and features to output factory lists, MOQ price ranges, MOQ and other information, providing cost data for pricing calculations.