Dependency Management
Skill Verifiziert AktivManage third-party libraries, runtimes, and SaaS dependencies. Use this skill when setting an update cadence, responding to security advisories, dealing with deprecated dependencies, evaluating new dependencies, auditing what's installed, or unblocking a dependency upgrade. Triggers on dependency, package update, security patch, lockfile, deprecated, breaking change, supply chain, dependency audit, npm audit, dependabot, renovate. Also triggers when a build breaks after an update or when an advisory is published for a used package.
To help developers and teams establish and maintain robust dependency management practices, ensuring security, currency, and stability across their projects.
Funktionen
- Dependency inventory and categorization
- Security advisory auditing and prioritization
- Major version upgrade planning and execution
- Policy setting for updates, security, and pinning
- Automation recommendations for updates and audits
Anwendungsfälle
- Setting up dependency hygiene for new or existing projects
- Responding to security advisories and vulnerability reports
- Planning and executing major version upgrades
- Evaluating and onboarding new dependencies
- Auditing installed dependencies and their usage
Nicht-Ziele
- General code review
- Infrastructure vulnerability scanning
- Pinning vendor or service contracts
- Performance impact analysis of dependencies
Installation
npx skills add rampstackco/claude-skillsFührt das Vercel skills CLI (skills.sh) via npx aus — benötigt Node.js lokal und mindestens einen installierten skills-kompatiblen Agent (Claude Code, Cursor, Codex, …). Setzt voraus, dass das Repo dem agentskills.io-Format folgt.
Qualitätspunktzahl
VerifiziertVertrauenssignale
Ähnliche Erweiterungen
Audit Dependency Versions
100Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.
Clawsec Scanner
100Automated vulnerability scanner for agent platforms. Performs dependency scanning (npm audit, pip-audit), multi-database CVE lookup (OSV, NVD, GitHub Advisory), SAST analysis (Semgrep, Bandit), and agent-specific DAST hook execution testing for OpenClaw hooks.
Dependency Audit
95Dependency audit and cleanup workflow for maintaining healthy project dependencies. Use for regular maintenance, security updates, and removing unused packages.
Soul Guardian
100Drift detection + baseline integrity guard for agent workspace files with automatic alerting support
Janitor Report
100Umfassende Zustandsprüfung aller Ihrer Skills in einem Bericht. Verwenden Sie dies, wenn der Benutzer nach Fehlern suchen, Duplikate finden, defekte Skills erkennen oder eine vollständige Übersicht über den Zustand der Skills erhalten möchte.
Janitor Audit
100Zeige alle deine installierten Skills an