How does it help with OpenSSF compliance?

It provides checklists, automation scripts, and templates specifically aligned with the OpenSSF Best Practices Badge requirements for Passing, Silver, and Gold levels.

What is the Enterprise Readiness skill?

It is a specialized capability for Claude Code that helps developers assess and improve software projects for security, quality, and production readiness based on industry standards.

What frameworks does this skill support?

It is aligned with major industry frameworks including SLSA (Supply-chain Levels for Software Artifacts), S2C2F, and the OpenSSF Scorecard.

Can it help secure CI/CD pipelines?

Yes, it includes hardened GitHub Action templates and critical security rules to prevent common vulnerabilities like script injection and insecure dependency management.

Is this skill only for GitHub projects?

While it features deep integration for GitHub-hosted projects, it includes general reference materials, scoring systems, and principles applicable to GitLab and other development platforms.

Enterprise Readiness Assessment

Name: Enterprise Readiness Assessment
Author: netresearch

bynetresearch

•

セキュリティとテスト

Assess and enhance software projects for enterprise-grade security, quality, and supply chain automation.

This skill provides a comprehensive framework for evaluating software projects against enterprise standards, including security hardening, supply chain integrity, and quality automation. It streamlines the implementation of OpenSSF Scorecard criteria, SLSA levels, and SBOM generation while providing automated scripts for CI/CD hardening. Whether you're preparing a project for production or pursuing industry-standard security badges, this tool offers the templates, workflows, and scoring systems needed to ensure your code meets rigorous professional requirements.

主な機能

01Supply chain security implementation (SLSA, SBOMs, Cosign)

029 GitHub stars

03OpenSSF Scorecard and Best Practices Badge assessment

04Hardened CI/CD workflow templates for GitHub and GitLab

05Documentation templates for governance, architecture, and security audits

06Automated security scoring and gap analysis

ユースケース

01Preparing an open-source project for enterprise adoption or production use

02Implementing SLSA Level 3 build attestation and reproducible builds

03Hardening GitHub Actions pipelines against script injection and insecure dependencies

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add netresearch/claude-code-marketplace enterprise-readiness

For use in Claude.ai and ChatGPT

Download Skill