dependency.audit
Community skill: Scan for vulnerabilities, ensure license compliance.
Author: chrislyons
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Managing project dependencies can be a security and compliance nightmare. This skill automatically scans your project for outdated or vulnerable packages and checks their licenses, protecting you from hidden risks.
Core Features & Use Cases
- Security Vulnerability Scan: Identifies known security flaws in npm, Python, and Rust packages.
- License Compliance Check: Verifies that all dependency licenses align with your project's policies.
- Upgrade Recommendations: Provides actionable advice for upgrading vulnerable or outdated packages.
- Use Case: Run before every deployment or on a weekly schedule to maintain a secure and compliant software supply chain, ensuring "AI works, you rest" by preventing security incidents.
Quick Start
Example: Check for vulnerable dependencies
User: "Check for vulnerable dependencies"
Output:
🔍 Dependency Security Audit
📦 NPM Packages:
❌ CRITICAL: [email protected] - CVE-2024-12345
Description: Path traversal vulnerability
Upgrade to: [email protected]
Impact: High
🐍 Python Packages:
✅ All packages secure
Summary:
- Critical: 1
- Moderate: 1
- Low: 0
- Total packages scanned: 47
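The normalisation step behind a report like the one above, as an added example that is not the skill's own code: it reads the JSON that `npm audit --json` emits (the auditReportVersion 2 shape, as I understand it; the document below is constructed with placeholder package names and a placeholder advisory URL), flattens it into per-package findings with an upgrade target, produces the severity counts of the Summary block, and derives a deploy gate from them.

```python
import json
from collections import Counter

SEVERITY_RANK = {"critical": 0, "high": 1, "moderate": 2, "low": 3, "info": 4}

# Constructed sample in the shape `npm audit --json` (auditReportVersion 2) emits;
# package names, versions and the advisory URL are placeholders, not real advisories.
SAMPLE_NPM_AUDIT = json.loads("""{
  "auditReportVersion": 2,
  "vulnerabilities": {
    "example-pkg": {"name": "example-pkg", "severity": "critical", "range": "<2.0.1",
      "via": [{"title": "Path traversal", "url": "https://example.invalid/advisory/PLACEHOLDER"}],
      "fixAvailable": {"name": "example-pkg", "version": "2.0.1", "isSemVerMajor": true}},
    "other-pkg": {"name": "other-pkg", "severity": "moderate", "range": "<1.4.0",
      "via": ["example-pkg"], "fixAvailable": true}
  },
  "metadata": {"vulnerabilities": {"critical": 1, "high": 0, "moderate": 1, "low": 0, "total": 2},
               "dependencies": {"prod": 40, "dev": 7, "total": 47}}
}""")


def npm_findings(report):
    """One dict per vulnerable package, most severe first.

    `via` mixes advisory objects (direct findings, which carry a title) with
    package-name strings (transitive findings reached through that package).
    """
    findings = []
    for pkg in report["vulnerabilities"].values():
        titles = [v["title"] for v in pkg["via"] if isinstance(v, dict)]
        through = [v for v in pkg["via"] if isinstance(v, str)]
        fix = pkg["fixAvailable"]
        if isinstance(fix, dict):   # upgrade target spelled out (may be a semver-major jump)
            fix_str = f"{fix['name']}@{fix['version']}"
        else:                       # True: `npm audit fix` suffices; False: no fix published yet
            fix_str = "npm audit fix" if fix else "no fix available"
        findings.append({"package": pkg["name"], "severity": pkg["severity"], "fix": fix_str,
                         "title": "; ".join(titles) or "transitive via " + ", ".join(through)})
    return sorted(findings, key=lambda f: SEVERITY_RANK.get(f["severity"], 9))


def summarize(findings, total_packages):
    """Severity counts in the report's Summary layout plus the deploy-gate verdict."""
    counts = Counter(f["severity"] for f in findings)
    return {"critical": counts["critical"], "high": counts["high"],
            "moderate": counts["moderate"], "low": counts["low"],
            "total_packages": total_packages,
            # Gate: block the deploy on any critical or high finding.
            "gate_failed": bool(counts["critical"] or counts["high"])}
```

Feed it `json.load(sys.stdin)` from a real `npm audit --json` run and exit non-zero on `gate_failed` to use it as the pre-deployment check the Use Case above describes.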
Dependency Matrix
Required Modules
npm, pip-audit, cargo-audit
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: dependency.audit Download link: https://github.com/chrislyons/carbon-acx/archive/main.zip#dependency-audit Please download this .zip file, extract it, and install it in the .claude/skills/ directory.