Skill Detail
Scan repositories for Shai-Hulud 2.0 supply-chain indicators with the detector action
Check repositories and CI surfaces for Shai-Hulud 2.0 compromise indicators when the task is targeted supply-chain triage, not generic malware scanning.
Security & VerificationMulti-Framework
Security & Verification
Multi-Framework
Security Reviewed
β 124 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill scan-repositories-for-shai-hulud-2-0-supply-chain-indicators-with-the-detector-action
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
GitHub Action or local detector CLI, repository or monorepo to scan, and security triage review
Install & setup
Use the upstream GitHub Action in CI or run the detector locally, then review the campaign-specific findings, SARIF output, and incident-response guidance from the project documentation.
Author
GenSecAIHQ
Publisher
GitHub Repository
Last updated
Apr 16, 2026
Quick brief
Use the Shai-Hulud 2.0 Detector when a team needs a focused incident-response workflow for this specific npm compromise set. The scope boundary is unusually strong: scan for known malicious packages, suspicious scripts, runner indicators, and exfiltration traces tied to the Shai-Hulud 2.0 campaign, then feed the findings into triage. That keeps it skill-shaped instead of a generic security tool card. A user invokes it for one named supply-chain investigation job with concrete inputs and outputs.