Public skill / source-pinned
agent-supply-chain
Verify supply chain integrity for AI agent plugins, tools, and dependencies. Use this skill when: - Generating SHA-256 integrity manifests for agent plugins or tool packages - Verifying that installed plugins match their published manifests - Detecting tampered, modified, or untracked files in agent tool directories - Auditing dependency pinning and version policies for agent components - Building provenance chains for agent plugin promotion (dev → staging → production) - Any request like "verify plugin integrity", "generate manifest", "check supply chain", or "sign this plugin"
Agent SkillGitHub sourceDigest checked
Package / manifest
The exact contents,
before install.
- Source
- github/awesome-copilot ↗
- Content SHA
4d03bd51da02b78c…- Package digest
84ea66810c7b97fc…- Download size
- 4.0 KB