Endor Labs ai-plugins
Sets up endorctl and uses Endor Labs to scan, prioritize, and fix software supply chain security risks.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Endor Labs ai-plugins, derived from its capabilities.
AIVSS 8.1 · High
Overview
A Claude Code plugin that provisions the endorctl CLI and drives Endor Labs to scan a codebase's dependencies for reachable vulnerabilities, secrets, and supply-chain risk. It surfaces prioritized findings and remediation guidance through skills and MCP tools so the agent can fix them in place. Aimed at SCA and supply-chain security within the coding workflow.
Key features
- endorctl setup and orchestration
- Reachability-based dependency scanning
- Risk prioritization and fixes
- Supply-chain security coverage
Use cases
- Scanning dependencies for reachable CVEs
- Prioritizing and remediating supply-chain risk