nitinjain999/platform-skills

Production-grade platform engineering handbook — Kubernetes, Terraform, Flux CD, GitHub Actions, AWS, and more.

Quality

84%

Does it follow best practices?

Impact

—

No eval scenarios have been run

Securityby

Passed

No known issues

Supply Chain Security Examples

Name: nitinjain999/platform-skills
Rating: 67.2 (1 reviews)
Author: nitinjain999

Status: Stable

Working examples for the /platform-skills:supply-chain skill.

Files

File	Description
`sign-and-push.yaml`	GitHub Actions: build, sign with Cosign keyless, and push
`sbom-attest.yaml`	GitHub Actions: generate SBOM with Syft and attest
`trivy-gate.yaml`	GitHub Actions: Trivy CVE scan with CRITICAL+HIGH severity gate
`kyverno-verify-image.yaml`	Kyverno ImageValidatingPolicy: block unsigned images
`slsa-provenance.yaml`	GitHub Actions: SLSA Level 2 provenance via slsa-github-generator

Usage

Copy the relevant file into your .github/workflows/ or policies/ directory and substitute <org> and <image> placeholders.

Validation

bash examples/supply-chain/supply-chain-validate.sh

.claude-plugin

.github

docs

examples

agent-self-improve

argocd

awesome-docs

aws

azure

chaos

compliance

conventional-commits

datadog

demo

documentation

dora

dynatrace

fluxcd

helm

keda

kubernetes

kyverno

mcp

observability

opa

openshift

pr-review

runtime-security

supply-chain

README.md

supply-chain-validate.sh

terraform

triage

scripts

skills

tests

EDITOR_INTEGRATIONS.md

nitinjain999/platform-skills

README.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}examples/supply-chain/

Supply Chain Security Examples

Files

Usage

Validation

README.mdexamples/supply-chain/