SBOM & Supply Chain Security

Improve release trust with reproducible metadata and verification gates.

When to Use This Skill

Use this skill when:

- Producing SBOMs for container images or application builds
- Verifying dependencies before deploy
- Enforcing signed artifact and provenance policies
- Preparing for SOC2, ISO 27001, or customer security reviews
- Implementing SLSA framework requirements
- Responding to supply chain vulnerabilities (e.g., Log4Shell-style events)

Prerequisites

- installed for SBOM generation
- installed for CycloneDX SBOM generation
- for vulnerability matching aga…