Agent Supply Chain Integrity
v1.0.0 · Public · Verified ·devops ·scanned 2026-07-04
Install
Claude Code: add the marketplace once, then install.
/plugin marketplace add simplycubed/skills /plugin install agent-supply-chain@simplycubed Any agent (folder)
Download the folder at the source, then drop it into your agent's skills directory.
Folder: agent-supply-chain/
| Agent | Directory |
|---|---|
| Vendor-neutral (Codex, Gemini CLI, …) | .agents/skills/ |
| Claude Code | ~/.claude/skills/ |
| Gemini CLI | ~/.gemini/skills/ |
Summary
Verifies supply-chain integrity for AI-agent plugins, tools, and dependencies — SHA-256 integrity manifests, tamper detection, dependency-pinning audits, and dev-to-prod provenance chains for agent components.
Details
Passed automated static scanning. A point-in-time review, not a guarantee it is safe to run.
Scanned 2026-07-04: certify builtin · gitleaks 8.18.4 · osv-scanner 2.4.0 · semgrep n/a (no code)
✓ All checks clean
Credits
Written by GitHub awesome-copilot contributors
Keywords
#supply-chain #security #integrity