‹ 首页

vendor-risk

@eyesecurity · 收录于 1 周前

ACTIVATE when integrating a new service, API, SaaS tool, SDK, npm/pip/maven package, Docker image, or any third-party dependency — or when discussing suppliers, vendors, processor agreements, or supply chain security. Also activate on imports from unknown packages or adding external webhooks/endpoints. Ensures every new vendor or dependency is assessed against the org's critical assets, data residency, and NIS2 Art. 21(2)(d) supply chain requirements.

适合你,如果每次接入第三方服务前都需要做安全与合规评估。

/ 通过 npx 安装 校验哈希
npx oh-my-skill add eyesecurity/skills/vendor-risk
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- eyesecurity/skills/vendor-risk
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify eyesecurity/skills/vendor-risk
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
6GitHub stars
~1.1K上下文体积 · 单文件
索引托管

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。