{"skill":{"slug":"bookforge-secure-deployment-pipeline","displayName":"Secure Deployment Pipeline","summary":"Secure a software deployment pipeline against supply chain attacks from benign insiders (mistakes), malicious insiders, and external attackers: map pipeline...","tags":{"bookforge":"1.0.0","latest":"1.0.0","tags:":"1.0.0"},"stats":{"comments":0,"downloads":141,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1775722765327,"updatedAt":1775725009155},"latestVersion":{"version":"1.0.0","createdAt":1775722765327,"changelog":"Initial release of Secure Deployment Pipeline skill  \n- Provides a structured assessment and hardening guide for CI/CD pipeline supply chain security.\n- Maps pipeline threats to mitigations using a three-adversary model (benign insiders, malicious insiders, external attackers).\n- Generates binary provenance requirements and defines provenance-based deployment policies with choke-point enforcement.\n- Recommends verifiable build architectures and produces a staged hardening roadmap, including auditable breakglass controls.\n- Requires secure-code-review as a prerequisite for foundational supply-chain security.","license":"MIT-0"},"metadata":{"os":null,"systems":null},"owner":{"handle":"quochungto","userId":"s176b6gfk8djgcz320d83ta4e184bx1v","displayName":"Hung Quoc To","image":"https://avatars.githubusercontent.com/u/88069966?v=4"},"moderation":null}