Software Supply Chain Security: Understanding Developer Risk
After connecting with dozens of CISOs and CTOs, we've realized there’s a lot of diverging ideas...
In our last post, we released the BoostSecurity Safe Package MCP server: a lightweight guardrail that lets coding agents check dependency safety before they install anything. That helps stop typosquats, malware-laced releases, and risky, unmaintained packages from ever reaching your machine.
Today, we’re taking the next step in developer supply-chain defense:
Poutine brings Model Context Protocol (MCP) superpowers to your editor/agent so it can analyze repos and build pipelines on demand, spot dangerous CI/CD coding patterns, and validate newly generated pipelines, all inline while you code.
Agentic coding is accelerating software creation (Claude Code, Cursor, Gemini CLI, Copilot, Windsurf, etc.). That’s great for delivery speed, but it also means agents are proposing new workflows, touching more repositories, and moving faster than traditional review gates.
Attackers know this. The recent Nx supply chain attack started because an agent generated a vulnerable workflow that got exploited.
Poutine helps agents (and humans!) audit at scale, instantly, so speed doesn’t come at the expense of security.
Make sure you’ve installed Poutine (see project README) and authenticated with GitHub:
$ gh auth login
$ export GH_TOKEN=$(gh auth token)
Poutine picks up GH_TOKEN from your shell session.
Claude Code
$ claude mcp add poutine poutine mcp-server
Gemini CLI
$ gemini mcp add poutine poutine mcp-server
Any MCP-compatible client (stdio)
Add to your config:
{
  "mcpServers": {
    "poutine": {
      "type": "stdio",
      "command": "poutine",
      "args": ["mcp-server"]
    }
  }
}
That’s it. Your assistant now has a security scanner on tap.
Prompt to your assistant:
> Create a GitHub Actions workflow that runs tests on pull requests.
Your assistant generates YAML, then automatically calls analyze_manifest to validate it. If it finds unsafe triggers, bad permissions, or unpinned actions, it suggests secure changes before you commit.
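As an added illustration, not Poutine's own code, here is a small Python sketch of the three checks that paragraph describes (unsafe trigger, bad permissions, unpinned actions), run over a constructed unsafe workflow and its hardened counterpart; the commit SHA in the hardened sample is a placeholder, not a real release commit.

```python
import re

# Constructed samples (not from the post). The first has the three problems the post
# says analyze_manifest flags; the second is the fix. The SHA is a placeholder only.
UNSAFE_WORKFLOW = """\
on:
  pull_request_target:
permissions: write-all
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@v4
      - run: npm ci && npm test
"""
HARDENED_WORKFLOW = """\
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0000000000000000000000000000000000000000
      - run: npm ci && npm test
"""

SHA_PIN = re.compile(r"^[0-9a-f]{40}$")
USES = re.compile(r"^\s*-?\s*uses:\s*([^\s@]+)@(\S+)")
PR_HEAD_REF = re.compile(r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head")

def find_risky_patterns(workflow: str) -> list[str]:
    # Line-oriented heuristics: returns one finding per risky pattern seen.
    findings = []
    for n, line in enumerate(workflow.splitlines(), 1):
        m = USES.match(line)
        if m and not SHA_PIN.match(m.group(2)):  # tag and branch refs are mutable
            findings.append(f"line {n}: {m.group(1)}@{m.group(2)} is not pinned to a commit SHA")
    # pull_request_target runs with base-repo secrets; checking out the PR head there
    # lets fork-submitted code run with that access.
    if re.search(r"^\s*pull_request_target\s*:", workflow, re.M) and PR_HEAD_REF.search(workflow):
        findings.append("pull_request_target checks out the PR head: untrusted code gets base-repo secrets")
    if re.search(r"^\s*permissions:\s*write-all\s*$", workflow, re.M):
        findings.append("permissions: write-all grants every GITHUB_TOKEN scope; declare least-privilege scopes")
    elif not re.search(r"^\s*permissions:", workflow, re.M):
        findings.append("no permissions block: GITHUB_TOKEN falls back to repository defaults")
    return findings
```

Running `find_risky_patterns(UNSAFE_WORKFLOW)` yields four findings, while the hardened workflow yields none.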
Prompt:
> Use Poutine to analyze the security of the repository myorg/myrepo
The assistant calls analyze_repo and you get a concise summary plus deep findings, with precise remediations that the agent can implement.
Prompt:
> Use Poutine to scan all repositories in the myorg organization
Poutine’s analyze_org runs multi-repo checks in parallel (configurable threads), with options to ignore forks or target self-hosted SCMs.
Prompt:
> Check myorg/myrepo for pull_request_target vulnerabilities in stale branches
Use analyze_repo_stale_branches to surface risky patterns that often fly under the radar.
With Poutine wired in, your assistant can:
This shifts CI security left into the authoring loop, without extra toil for developers.
Does Poutine require a BoostSecurity account?
No. Configure your MCP client and set GH_TOKEN.
Which clients are supported?
Tested with Claude Code, Gemini CLI and generally any MCP-compatible client via stdio.
Which CI systems are supported for manifest analysis?
GitHub Actions, GitLab CI, Azure Pipelines, Tekton.
Can it run against self-hosted GitHub/GitLab?
Yes, use scm_base_url and set the appropriate provider.
Happy (and secure) agentic coding!