km:npm-package-security-review
Community
Vet npm packages for secure adoption.
Author: koumatsumoto
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill tackles the risk of introducing insecure npm packages into projects by conducting a thorough security review to prevent vulnerabilities, policy violations, and unknown behaviors from compromising your codebase.
Core Features & Use Cases
- Comprehensive Security Assessment: Evaluates packages across 7 key aspects, including provenance, vulnerabilities, and runtime behavior, using primary sources such as the npm registry and GitHub.
- Risk-Based Decision Making: Outputs clear verdicts like ALLOW, REJECT, or NEEDS_HUMAN_REVIEW with reasoned Japanese reports and evidence.
- Use Case: When considering [email protected] for a production node-server application with high data sensitivity, invoke this Skill to review its advisories, maintainer health, and policy fit before approval.
Quick Start
Perform a security review for @angular/[email protected] in a browser runtime context with medium data sensitivity.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: km:npm-package-security-review
Download link: https://github.com/koumatsumoto/agent-config/archive/main.zip#km-npm-package-security-review
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.