https://github.com/netresearch/enterprise-readiness-skill

Agent Skill for enterprise readiness assessment - security, quality, and automation | Claude Code compatible
https://github.com/netresearch/enterprise-readiness-skill

agent-skills ai-agent claude-code-skill devsecops enterprise open-standard openssf security skill slsa supply-chain-security

Last synced: about 2 months ago
JSON representation

Agent Skill for enterprise readiness assessment - security, quality, and automation | Claude Code compatible

• Host: GitHub
• URL: https://github.com/netresearch/enterprise-readiness-skill
• Owner: netresearch
• License: other
• Created: 2025-11-29T17:57:15.000Z (7 months ago)
• Default Branch: main
• Last Pushed: 2026-03-30T13:34:22.000Z (2 months ago)
• Last Synced: 2026-03-30T15:25:19.958Z (2 months ago)
• Topics: agent-skills, ai-agent, claude-code-skill, devsecops, enterprise, open-standard, openssf, security, skill, slsa, supply-chain-security
• Language: Shell
• Homepage:
• Size: 333 KB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE-CC-BY-SA-4.0
  • Agents: AGENTS.md

Awesome Lists containing this project

README

          
# Enterprise Readiness Skill

Netresearch AI skill for assessing and enhancing software projects to meet enterprise-grade standards for security, quality, and automation.

## 🔌 Compatibility

This is an **Agent Skill** following the [open standard](https://agentskills.io) originally developed by Anthropic and released for cross-platform use.

**Supported Platforms:**

- ✅ Claude Code (Anthropic)

- ✅ Cursor

- ✅ GitHub Copilot

- ✅ Other skills-compatible AI agents

> Skills are portable packages of procedural knowledge that work across any AI agent supporting the Agent Skills specification.

## Features

- **OpenSSF Framework Alignment** - Complete coverage across Scorecard, Best Practices Badge (Passing/Silver/Gold), SLSA, and S2C2F

- **Dynamic Scoring** - Fair cross-stack assessment with platform/language-specific criteria

- **Supply Chain Security** - SLSA provenance, artifact signing, SBOM generation, dependency scanning

- **Quality Gates** - Testing layers, coverage thresholds, static analysis, secret scanning

- **Automation Scripts** - Ready-to-use scripts for security hardening and compliance checks

- **Badge Progression** - Guided path from Passing → Silver → Gold certification

## Installation

### Marketplace (Recommended)

Add the [Netresearch marketplace](https://github.com/netresearch/claude-code-marketplace) once, then browse and install skills:

```bash

# Claude Code

/plugin marketplace add netresearch/claude-code-marketplace

```

### npx ([skills.sh](https://skills.sh))

Install with any [Agent Skills](https://agentskills.io)-compatible agent:

```bash

npx skills add https://github.com/netresearch/enterprise-readiness-skill --skill enterprise-readiness

```

### Download Release

Download the [latest release](https://github.com/netresearch/enterprise-readiness-skill/releases/latest) and extract to your agent's skills directory.

### Git Clone

```bash

git clone https://github.com/netresearch/enterprise-readiness-skill.git

```

### Composer (PHP Projects)

```bash

composer require netresearch/enterprise-readiness-skill

```

Requires [netresearch/composer-agent-skill-plugin](https://github.com/netresearch/composer-agent-skill-plugin).

## Usage

The skill triggers on keywords like:

- "enterprise readiness", "production ready"

- "OpenSSF", "security scorecard", "best practices badge"

- "SLSA", "supply chain security", "SBOM"

- "quality gates", "CI/CD hardening"

### Example Prompts

```

"Assess this project for enterprise readiness"

"What's needed for OpenSSF Best Practices Silver badge?"

"Help me reach SLSA Level 2"

"Set up supply chain security for this Go project"

```

## Structure

```

enterprise-readiness/

├── SKILL.md              # AI instructions

├── README.md             # This file

├── LICENSE-MIT           # Code license (MIT)

├── LICENSE-CC-BY-SA-4.0  # Content license (CC-BY-SA-4.0)

├── composer.json         # PHP distribution

├── references/           # OpenSSF criteria documentation

│   ├── general.md        # Universal checks (60 points)

│   ├── github.md         # GitHub-specific (40 points)

│   ├── go.md             # Go-specific (20 points)

│   ├── openssf-badge-silver.md

│   └── openssf-badge-gold.md

├── scripts/              # Automation scripts

│   ├── check-*.sh        # Validation scripts

│   └── setup-*.sh        # Configuration scripts

└── assets/               # Templates and configs

    └── templates/        # CI/CD, SBOM, policy templates

```

## Contributing

Contributions welcome! Please submit PRs for:

- Additional platform support (GitLab, Bitbucket)

- New language-specific checks

- Script improvements

- Documentation updates

## License

This project uses split licensing:

- **Code** (scripts, workflows, configs): [MIT](LICENSE-MIT)

- **Content** (skill definitions, documentation, references): [CC-BY-SA-4.0](LICENSE-CC-BY-SA-4.0)

See the individual license files for full terms.

## Credits

Developed and maintained by [Netresearch DTT GmbH](https://www.netresearch.de/).

---

**Made with ❤️ for Open Source by [Netresearch](https://www.netresearch.de/)**