claudeindex
Plugin

security-supply-chain

Hardens JS/TS and Python package manager configs (pnpm, bun, npm, yarn, uv, pip) against supply chain attacks via minimum release age gates, lockfile commitment, exact version pinning, lifecycle-script allowlists, provenance attestation via OIDC Trusted Publishing, and commit-time secret scanning.

Installation

1

Add the marketplace

/plugin marketplace add gn00678465/meta-skills
2

Install plugins

/plugin

Run these commands in Claude Code to add this plugin to your environment. The marketplace must be added before you can install its plugins.