supply-chain-security
Supply Chain Security
This skill packages the durable software supply chain security (SSSC) reference material: open-standard catalogs, the combined capabilities inventory, and the classification taxonomies used to assess a repository's posture and turn gaps into prioritized work items.
When to use
Use this skill when you need to:
- Assess a repository against the 27 combined supply chain capabilities from hve-core and physical-ai-toolchain.
- Map posture against OpenSSF Scorecard, SLSA v1.0, OpenSSF Best Practices Badge, Sigstore (cosign), or NTIA SBOM minimum elements.
- Classify a gap by adoption category, effort size, or qualitative concern level.
- Derive work item priority and execution order from Scorecard risk levels.
Skill layout
Load the reference file for the topic you need. Each file holds the verbatim standard catalog or taxonomy.