by mukul975
analyzing-supply-chain-malware-artifacts is a malware-analysis skill for tracing trojanized updates, poisoned dependencies, and build-pipeline tampering. Use it to compare trusted and untrusted artifacts, extract indicators, assess compromise scope, and report findings with less guesswork.
by mukul975
Learn how the exploiting-broken-link-hijacking skill finds and validates broken link hijacking risks from expired domains, abandoned services, and claimable external resources. Built for Security Audit workflows, it helps separate harmless dead links from takeover candidates with a practical triage process.
by mukul975
detecting-typosquatting-packages-in-npm-pypi helps identify suspicious npm and PyPI packages by comparing name similarity, publish recency, and download anomalies. Use it for security audit workflows, dependency review, and first-pass supply-chain risk screening with a reproducible registry-check process.
by mukul975
detecting-supply-chain-attacks-in-ci-cd skill for auditing GitHub Actions and CI/CD configs. It helps find unpinned actions, script injection, dependency confusion, secret exposure, and risky permissions for Security Audit workflows. Use it to review a repo, workflow file, or suspicious pipeline change with clear findings and fixes.
