vulnerability-remediation
Vulnerability Remediation for chainloop
This skill reviews open vulnerability policy violations recorded in Chainloop for the chainloop project and applies fixes to the affected source files.
Step 1: Find the Latest Project Version
Use list_products_with_versions (no parameters needed — uses the current chainloop org) and locate the Chainloop Community Edition product. Find the chainloop project version entry and note its projectVersionId (UUID).
Step 2: Gather Compliance Results and Evidence in Parallel
Once the projectVersionId is known, make both of these calls at the same time:
Call A — get_frameworks_compliance:
project_version_id: the UUID from Step 1framework_ids:["0ceef195-6900-4166-8407-77eb84954ed3"](chainloop-best-practices)
More from chainloop-dev/chainloop
upgrading-golang
Upgrades Go version across the entire Chainloop codebase including source files, Docker images, CI/CD workflows, and documentation. Use when the user mentions upgrading Go, golang version, or updating Go compiler version.
42upgrading-chart
Upgrades Helm chart dependencies (PostgreSQL, Vault) in the Chainloop project, including vendorized charts, container images, and CI/CD workflows. Use when the user mentions upgrading Helm charts, Bitnami dependencies, PostgreSQL chart, or Vault chart. CRITICAL - Major version upgrades are FORBIDDEN and must be escalated.
37custom-builtin-functions
Create a custom builtin function to be used in the Rego policy engine
37dependabot-pr-automation
Reviews open Dependabot pull requests, assesses their risk level based on version bump type and CI status, approves low-risk PRs, and merges them. Use when asked to process, review, merge, or triage Dependabot PRs.
26