creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 22:24:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/performing-supply-chain-attack-simulation/SKILL.md
T
mukul975 efca3ec611 feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
2026-04-06 11:17:40 +02:00

2.6 KiB
Raw Blame History

name, description, domain, subdomain, tags, version, author, license, nist_csf
name description domain subdomain tags version author license nist_csf
performing-supply-chain-attack-simulation Simulate and detect software supply chain attacks including typosquatting detection via Levenshtein distance, dependency confusion testing against private registries, package hash verification with pip, and known vulnerability scanning with pip-audit. cybersecurity application-security
supply-chain
typosquatting
dependency-confusion
package-verification
pip-audit
PyPI
software-composition-analysis
1.0 mahipal Apache-2.0
PR.PS-01
PR.PS-04
ID.RA-01
PR.DS-10

Performing Supply Chain Attack Simulation

Overview

Software supply chain attacks exploit trust in package registries through typosquatting (registering names similar to popular packages), dependency confusion (publishing higher-version public packages matching private names), and compromised package distribution. This skill detects these attack vectors by computing Levenshtein distance between package names and popular PyPI packages, verifying package integrity via SHA-256 hash comparison, scanning for known CVEs with pip-audit, and testing dependency resolution order for confusion vulnerabilities.

When to Use

  • When conducting security assessments that involve performing supply chain attack simulation
  • When following incident response procedures for related security events
  • When performing scheduled security testing or auditing activities
  • When validating security controls through hands-on testing

Prerequisites

Legal Notice: This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws.

Key Detection Areas

  1. Typosquatting — compare package names against top PyPI packages using edit distance thresholds
  2. Dependency confusion — check if internal package names exist on public PyPI with higher version numbers
  3. Hash verification — download packages and verify SHA-256 digests match published hashes
  4. Vulnerability scanning — audit installed packages against OSV and PyPA advisory databases
  5. Metadata anomalies — flag packages with suspicious author emails, missing homepages, or very recent first upload dates

Output

JSON report with risk scores per package, detected attack vectors, hash verification results, and CVE findings.

Reference in New Issue View Git Blame Copy Permalink