A CI/CD pipeline is only as trustworthy as the code and tools it pulls during execution. That sounds obvious, but it is easy to forget. Most supply chain conversations start with application dependencies: Maven artifacts, Gradle dependencies, npm packages, base images, operating system packages, and third-party libraries. But CI/CD tools are dependencies too. The image a pipeline job runs in is a dependency. The scanner image used in a security stage is a dependency. The GitHub Action used to scan containers is a dependency. The script fetched with curl | sh is a dependency.

A floating tag such as latest (or a branch name used as a version) is also a dependency, but one whose contents can change without a pull request in your repository: the same pipeline definition pulls different code on different days, and nothing in your review process sees the change. That is the part I want to focus on here. The Trivy supply chain incident is a useful case study because Trivy is not a random tool. It is a widely used security scanner. Many teams run it in CI/CD specifically to improve supply chain security.…
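The three kinds of silently mutable reference named above (an action pinned to a tag or branch, an image without a digest, and a script piped from curl into a shell) can be found mechanically. The scanner below is an added example written for this page, not code from the original post or from the Trivy project; it walks a workflow file line by line with regular expressions rather than a YAML parser, and the workflow it scans, the example-org action, the example/scanner image and the all-zero digest are constructed placeholders, not real artifacts. It treats only a full 40-hex commit SHA as a pinned action and only a sha256 digest as a pinned image; everything else is reported as something that can change without a pull request.

```python
"""Flag mutable dependency references in a GitHub Actions workflow.

Added example for this page; not code from the original post or from any
project it discusses. A `uses:` ref that is a tag or branch, a container
image without a @sha256 digest, and a `curl ... | sh` install can all change
without a pull request. A 40-hex commit SHA or an image digest cannot.
The workflow is scanned line by line with regexes, which covers the usual
layout and keeps the script dependency-free.
"""
import re

SHA40 = re.compile(r"^[0-9a-f]{40}$")
DIGEST = re.compile(r"@sha256:[0-9a-f]{64}$")
USES = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
IMAGE_KEY = re.compile(r"^\s*image:\s*([^\s#]+)")
DOCKER_RUN = re.compile(r"\bdocker\s+run\b(.*)$")
PIPE_TO_SHELL = re.compile(r"\b(curl|wget)\b.*\|\s*(sudo\s+)?(ba|z)?sh\b")

# `docker run` flags that take a separate value. This is an approximation
# that covers typical CI invocations; any token starting with '-' is skipped.
VALUE_FLAGS = {"-e", "--env", "-v", "--volume", "-w", "--workdir", "--name",
               "-p", "--publish", "-u", "--user", "--entrypoint", "--network"}


def image_from_docker_run(args: str):
    """Return the image token of a `docker run` argument string, or None."""
    tokens = args.split()
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("-"):
            if tok in VALUE_FLAGS:
                i += 1  # skip the flag's value as well
        else:
            return tok  # first non-flag token is the image
        i += 1
    return None


def image_is_pinned(ref: str) -> bool:
    """Only a full sha256 digest pins an image; a tag (or no tag) can move."""
    return DIGEST.search(ref) is not None


def action_is_pinned(ref: str) -> bool:
    """Only a 40-hex commit SHA pins an action; tags and branches can move."""
    if ref.startswith("./"):
        return True  # local action, versioned with the repository itself
    if ref.startswith("docker://"):
        return image_is_pinned(ref[len("docker://"):])
    _, sep, version = ref.rpartition("@")
    return bool(sep) and SHA40.match(version) is not None


def find_mutable_refs(workflow_text: str):
    """Return (line_no, kind, ref) for every reference that can change silently."""
    findings = []
    for n, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES.search(line)
        if m:
            if not action_is_pinned(m.group(1)):
                findings.append((n, "action", m.group(1)))
            continue
        m = IMAGE_KEY.search(line)
        if m:
            if not image_is_pinned(m.group(1)):
                findings.append((n, "image", m.group(1)))
            continue
        if PIPE_TO_SHELL.search(line):
            findings.append((n, "pipe-to-shell", line.split("run:", 1)[-1].strip()))
            continue
        m = DOCKER_RUN.search(line)
        if m:
            image = image_from_docker_run(m.group(1))
            if image and not image_is_pinned(image):
                findings.append((n, "image", image))
    return findings


# Constructed sample workflow for illustration; the action, images and the
# all-zero digest are placeholders, not real artifacts.
PLACEHOLDER_DIGEST = "sha256:" + "0" * 64
SAMPLE_WORKFLOW = f"""\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/example/builder:latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/scan-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-step
      - name: install tool
        run: curl -sSfL https://example.invalid/install.sh | sh
      - name: floating scanner
        run: docker run --rm example/scanner:latest fs .
      - name: pinned scanner
        run: docker run --rm -e CI=1 example/scanner@{PLACEHOLDER_DIGEST} fs .
"""

if __name__ == "__main__":
    for line_no, kind, ref in find_mutable_refs(SAMPLE_WORKFLOW):
        print(f"line {line_no}: mutable {kind}: {ref}")
```

Run against the sample it reports the latest-tagged container image, the checkout action pinned to a version tag, the curl-to-sh install and the latest-tagged scanner image, and stays quiet about the SHA-pinned action, the local action and the digest-pinned scanner. Pointing it at a real `.github/workflows/*.yml` in a pre-merge check turns "the tag can change without a pull request" into something the pull request itself has to answer for.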