Supply chain security patterns for dependency management: known-bad version detection, incident response, lockfile auditing, and artifact scanning. Do not use for general CVE triage unrelated to depen
plugins/leyline/skills/supply-chain-advisory/SKILL.md(master)