Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkills / Security / malware-analysis

Supply Chain Defense

Category: Security  ·  Sub-category: malware-analysis  ·  Last updated:
type:audittype:integration
Behavioural-first software supply chain defense - catches poisoned npm/PyPI packages in the publish-to-advisory window that CVE tools miss. Use BEFORE every install or version bump (not only when an attack is suspected) - the 7-day cooldown gate + behavioural score catches freshly-published malware that CVE tools won't see for days. Socket.dev integration (free CLI + GitHub app + depscore MCP for Claude Code), stale-OIDC audit, dependency cooldown policy, publish-token rotation, VS Code extension audit, and a self-integrity scan that detects worm persistence hooks injected into Claude Code / VS Code settings. Triggers on: pip install, uv add, uv tool install, npm install, pnpm add, yarn add, cargo add, go get, composer require, gem install, upgrade dependency, dependency upgrade, version bump, bump version, bump package, adding dependency, new dependency, vetting a dependency, vet package, is this package safe, safe to install, should I install, before installing, pre-install check, preinstall scan, preinstall-check, PyPI cooldown, npm cooldown, release cooldown, minimumReleaseAge, score a package, package score, depscore, socket score, supply chain, supply chain attack, malicious package, poisoned dependency, npm worm, Shai-Hulud, behavioural scanning, Socket.dev, socket scan, dependency security, postinstall malware, OIDC token theft, compromised maintainer, typosquat, dependency confusion, package provenance, SLSA, persistence hook, malicious VS Code extension.
Security AStatic scan found no risk patternsHow grading works ›

About this skill (catalog notes)

Supply Chain Defense includes a dedicated installation section; pricing or quota commentary; at least one code block. At roughly 3,271 words the SKILL.md is on the longer end of the catalog distribution.

Original author
0xDarkMatter
Indexed lastmod
Catalog position
Security · malware-analysis
Indexed related skills
10

How Supply Chain Defense fits the catalog

Supply Chain Defense sits in the Security category under the malware-analysis sub-topic in the ClaudSkills catalog. There are 10 related skills indexed alongside it; comparing a few before installing usually reveals which fits your workflow best.

These notes are auto-generated from features detected in the SKILL.md file and from this catalog's structure — they aren't part of the source repository.

From the source SKILL.md

Proactive, behavioural-first defense against the 2026 software supply chain threat: self-propagating worms (Shai-Hulud / Mini Shai-Hulud) that poison popular npm and PyPI packages, steal credentials, republish from stolen tokens, and inject persistence hooks into Claude Code and VS Code settings specifically.

What this skill does

Supply Chain Defense is a community-contributed Claude Code skill in the malware-analysis sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/supply-chain-defense/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The Supply Chain Defense Claude Code skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 115,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/supply-chain-defense
curl -L https://claudskills.com/skills/supply-chain-defense/SKILL.md \
  -o ~/.claude/skills/supply-chain-defense/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/supply-chain-defense/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/supply-chain-defense/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\supply-chain-defense\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Telegram

📱 Install from your phone or desktop Telegram

Open @claudskills_bot on Telegram, tap Open Desktop App, and the desktop app installs this skill for you. Or share the bot link with a colleague — they get the same one-tap install. Learn more →

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

Pro

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

See pricing → Download desktop app

Frequently asked questions

How do I install the Supply Chain Defense Claude Code skill?
Install via the ClaudSkills desktop app (one click) or copy SKILL.md from the source repository to ~/.claude/skills/supply-chain-defense/SKILL.md and restart Claude Code. Both flows are detailed at claudskills.com/install/.
What does the Supply Chain Defense skill do?
Behavioural-first software supply chain defense - catches poisoned npm/PyPI packages in the publish-to-advisory window that CVE tools miss. Use BEFORE every install or version bump (not only when an attack is suspected) - the 7-day cooldown gate + behavioural score catches freshly-published malware that CVE tools won't see for days. Socket.dev integration (free CLI + GitHub app + depscore MCP for Claude Code), stale-OIDC audit, dependency cooldown policy, publish-token rotation, VS Code extension audit, and a self-integrity scan that detects worm persistence hooks injected into Claude Code / VS Code settings. Triggers on: pip install, uv add, uv tool install, npm install, pnpm add, yarn add, cargo add, go get, composer require, gem install, upgrade dependency, dependency upgrade, version bump, bump version, bump package, adding dependency, new dependency, vetting a dependency, vet package, is this package safe, safe to install, should I install, before installing, pre-install check, preinstall scan, preinstall-check, PyPI cooldown, npm cooldown, release cooldown, minimumReleaseAge, score a package, package score, depscore, socket score, supply chain, supply chain attack, malicious package, poisoned dependency, npm worm, Shai-Hulud, behavioural scanning, Socket.dev, socket scan, dependency security, postinstall malware, OIDC token theft, compromised maintainer, typosquat, dependency confusion, package provenance, SLSA, persistence hook, malicious VS Code extension.
Is this skill free to install?
Yes. ClaudSkills is an open registry — every skill keeps its source repository's license, and manual install via copy is free. ClaudSkills Pro ($9/mo, $79/yr, or $149 one-time) adds one-click install via the desktop app and a multi-signal Quality Score.
When should I use the Supply Chain Defense skill?
Use Supply Chain Defense when your Claude Code task falls under the Security category — specifically in the malware analysis area. Claude Code auto-discovers installed skills and invokes the right one based on the task description, so you can also ask Claude directly (e.g. "use Supply Chain Defense" or describe the task and let Claude pick). Browse related skills at /category/security/.
What is a Claude Code skill and how does the Supply Chain Defense skill fit in?
A Claude Code skill is a SKILL.md file that lives under ~/.claude/skills/<name>/ and tells the Claude Code CLI agent how to perform a specific task (instructions, prompts, allowed tools). Skills are auto-discovered at session start. Supply Chain Defense is one of 67,000+ skills indexed in the open ClaudSkills catalog, classified under the Security category. Learn more at /learn/what-is-a-claude-skill/.

Attribution & license

Cite this skill

If you reference this skill in a blog post, paper, or documentation, you can cite it as:

APA
0xDarkMatter. (2026). Supply Chain Defense [Claude Code skill]. ClaudSkills. https://claudskills.com/skills/supply-chain-defense/
BibTeX
@misc{supply-chain-defense-2026,
  author    = {0xDarkMatter},
  title     = {Supply Chain Defense [Claude Code skill]},
  year      = {2026},
  publisher = {ClaudSkills},
  url       = {https://claudskills.com/skills/supply-chain-defense/}
}

Embed this skill

Promote, attribute, or link this skill from your own README, blog post, or documentation. All three snippets are free to use — no sign-up, no API key. More distribution surfaces →

Badge
[![ClaudSkills](https://claudskills.com/badge/supply-chain-defense.svg)](https://claudskills.com/skills/supply-chain-defense/?utm_source=badge&utm_medium=readme&utm_campaign=skill_badge)
<script>
<script src="https://claudskills.com/embed/supply-chain-defense.js" async></script>
<iframe>
<iframe src="https://claudskills.com/embed/supply-chain-defense.html" width="100%" height="160" frameborder="0" loading="lazy" title="ClaudSkills: Supply Chain Defense"></iframe>

Security scan

Grade A · scanned 2026-06-13 — free static scan against the OWASP Agentic Skills Top 10.

The scan flagged 1 of 10 categories (data-exfil), including a high-severity pattern. Patterns shown inside code fences are weighted as examples rather than instructions — read the grading methodology for what this does and does not guarantee.

Show this grade on your repo (click to copy):

[![Security: A](https://img.shields.io/badge/Security-A-2e7d32)](https://claudskills.com/skills/supply-chain-defense/#security)

Free. No spam. Unsubscribe in one click.

More Security skills

Browse all Security skills in the ClaudSkills registry, or explore these other picks from the same category:

Browse all Security skills → Top 100 skills
Part of ClaudSkills — the open registry for Claude Skills & Claude Code Skills.  ·  What's New  ·  Install guide  ·  About  ·  llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: PerfectStudio · Ucaption · UTagger · AutoXPoster · TestYourSkills · AutomationFlows · Au Naturel · Telegram @acreatorstore

Categories

Use cases

Popular tags

Learn

Site