Agent skill

phase-2-automation-weeks-5-8

Automation phase SDLC hardening overview. CI/CD gates, SBOM generation, vulnerability scanning, SLSA provenance, and automated evidence collection for secure software supply chain enforcement.

Stars 1
Forks 2

Install this agent skill to your Project

npx add-skill https://github.com/adaptive-enforcement-lab/claude-skills/tree/main/plugins/enforce/skills/phase-2-automation-weeks-5-8

SKILL.md

Phase 2: Automation (Weeks 5-8)

When to Use This Skill

Phase 2 extends enforcement into the CI/CD pipeline through two critical areas:

  1. CI/CD Gates - Required checks, SBOM generation, vulnerability scanning, SLSA provenance
  2. Evidence Collection - Automated archival and metrics tracking

These controls ensure failing builds never reach production and provide audit evidence.


Implementation

See the full implementation guide in the source documentation.

Related Patterns

  • SLSA Provenance
  • SBOM Generation
  • Vulnerability Scanning
  • Implementation Roadmap Overview
  • Phase 1: Foundation
  • Phase 3: Runtime →

References

Expand your agent's capabilities with these related and highly-rated skills.

Didn't find tool you were looking for?

Be as detailed as possible for better results