Search Results: supply-chain-risk

Found 4 Skills

skill-scanner

Scan agent skills for security issues. Use when asked to "scan a skill", "audit a skill", "review skill security", "check skill for injection", "validate SKILL.md", or assess whether an agent skill is safe to install. Checks for prompt injection, malicious scripts, excessive permissions, secret exposure, and supply chain risks.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Complianceonekeyhq/app-monorepo

pr-review

Security-first PR review checklist for this repo. Use when reviewing diffs/PRs, especially changes involving auth, networking, sensitive data, or dependency/lockfile updates. Focus on secret/PII leakage risk, supply-chain risk (npm + node_modules inspection), cross-platform architecture (extension/mobile/desktop/web), and React performance (hooks + re-render hotspots). Avoid UI style nitpicks. PR Review.

🇺🇸|EnglishTranslated

Code Qualitygeneraljerel/chalk-skills

analyze-dependencies

Audit project dependencies for risk when the user asks to check dependencies, audit packages, review dependency health, check for vulnerabilities, or assess supply chain risk

🇺🇸|EnglishTranslated

Security & Complianceonekeyhq/app-monorepo

auditing-pre-release-security

Audits security and supply-chain risk between two git refs, 预发布安全审计

🇺🇸|EnglishTranslated