molecule-ai/molecule-ai-plugin-molecule-security-scan
35
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a33d4ff2e3
molecule-ai-plugin-molecule.../plugin.yaml
Hongming Wang 24e4e3368f
Some checks failed
CI / validate (push) Failing after 0s
Details
import from local vendored copy (2026-05-06)
2026-05-06 13:53:30 -07:00

17 lines
456 B
YAML
Raw Blame History

name: molecule-security-scan
version: 1.0.0
description: >
Supply-chain CVE gate for skill dependencies. Wraps builtin_tools/security_scan.py —
runs Snyk or pip-audit against a skill's requirements.txt before the skill
loads, blocking or warning on critical/high CVEs. Opt-in per workspace.
author: Molecule AI
tags: [security, cve, supply-chain, snyk, pip-audit]
runtimes:
- langgraph
- claude_code
- deepagents
skills:
- skill-cve-gate
Reference in New Issue View Git Blame Copy Permalink