sam-4screen-desktop 2026-6-5:17:50:24

2026-06-05 17:50:24 +10:00
parent edcb2a5456
commit 98acace9b7
2 changed files with 54 additions and 5 deletions
--- a/Skills.md
+++ b/Skills.md
@@ -52,6 +52,55 @@ aliases: []
 | **openspec-apply-change** | Implement tasks from an OpenSpec change |
 | **openspec-archive-change** | Archive completed changes |
 | **openspec-explore** | Explore ideas and clarify requirements |
+| **npm-security** | Scan packages with SafeDep Vet, check typosquatting with npq, wrap installs with Socket Firewall |
+
+---
+
+## Security Tools (npm Global)
+
+Three tools installed globally at `~/.local/share/npm-global/bin/` to guard package installs.
+
+### SafeDep Vet (`vet`)
+
+Scans local directories for multi-language malware signatures. Catches obfuscated code, suspicious imports, base64 payloads.
+
+```bash
+# Scan a cloned repo before touching it
+vet scan -D . --format json --filter "package.malware == true"
+
+# Scan package metadata from npm registry
+vet scan package <name> --format json
+```
+
+### Socket Firewall (`socket`)
+
+Wraps npm/pip installs with real-time scanning. Blocks malicious packages at install time.
+
+```bash
+# Safe npm install
+socket npm install <package>
+
+# Safe pip install
+socket pip install -r requirements.txt
+```
+
+### npq
+
+Checks package names against typosquatting lists before install. Lightweight, local, no phoning home.
+
+```bash
+npq check <package> --json
+```
+
+### Workflow
+
+```
+1. vet scan → checks for malware in the code/package
+2. npq check → checks the package name for typosquatting
+3. socket install → wraps the actual install with runtime scanning
+```
+
+The **npm-security** skill instructs the Pi agent to follow this workflow before any install.

 ---