From leyline
Detects known-bad versions in Python dependencies, audits lockfiles like uv.lock, scans artifacts, and provides incident response patterns for supply chain security.
Slash command: /leyline:supply-chain-advisory
Supply chain attacks bypass traditional code review by compromising upstream dependencies. This skill provides patterns for detecting, preventing, and responding to compromised packages in Python ecosystems.
The blocklist lives at ${CLAUDE_SKILL_DIR}/known-bad-versions.json.
It is consumed by:

- make supply-chain-scan — CI/local scanning target

```json
{
  "package_name": [{
    "versions": ["x.y.z"],
    "date": "YYYY-MM-DD",
    "description": "What the attack did",
    "indicators": ["files or patterns to search for"],
    "source": "advisory URL",
    "severity": "critical|high|medium"
  }]
}
```
- Add an entry to ${CLAUDE_SKILL_DIR}/known-bad-versions.json
- Add a version exclusion (!=x.y.z) to affected pyproject.toml files
- Document the incident in docs/dependency-audit.md under Supply Chain Incidents
- Run make supply-chain-scan to verify detection works

```bash
# Scan uv.lock files for a specific compromised version
grep -r "package_name.*version" --include="uv.lock" /path/to/projects

# Search for malicious artifacts
find /path/to/projects -name "suspicious_file.pth" 2>/dev/null

# Check installed versions in virtualenvs
find /path/to/projects -path "*/.venv/lib/*/PACKAGE*/METADATA" \
  -exec grep "^Version:" {} +
```
uv.lock includes SHA256 hashes for every package. If a package is
re-published with different content under the same version, uv sync
will fail with a hash mismatch. This is your strongest automatic defense.
| Layer | Tool | Catches |
|---|---|---|
| Lockfile hashes | uv.lock SHA256 | Tampered re-published versions |
| Version exclusions | pyproject.toml != | Known-bad versions on fresh resolve |
| SessionStart hook | sanctum hook | Per-session warning for compromised deps |
| CI scanning | OSV + Safety | CVE database + advisory matching |
| Artifact scanning | make supply-chain-scan | Malicious files (.pth, scripts) |
npx claudepluginhub athola/claude-night-market --plugin leyline