Dependency Auditor
Skill 已验证Audit npm dependencies for security vulnerabilities, outdated packages, and unused dependencies. Use when checking for security issues, updating packages, or cleaning up dependencies.
This skill provides a comprehensive guide and specific commands for auditing npm dependencies. It covers security vulnerabilities, outdated packages, unused dependencies, and bundle size analysis, offering strategies for updates and best practices for lock files.
Documentation
- info:Configuration & parameter referenceWhile the commands are clear, the skill does not explicitly document default parameters or precedence order for any configuration files it might implicitly use.
Versioning
- info:Release ManagementThe SKILL.md frontmatter is missing a version field, and there are no GitHub release tags or CHANGELOG.md for this specific skill, meaning versioning is not explicitly managed.
Code Execution
- warning:ValidationWhile the commands themselves perform validation, the skill does not explicitly detail parameter validation or sanitization beyond what the underlying npm commands provide.
安装
npx skills add onewave-ai/claude-skills通过 npx 运行 Vercel skills CLI(skills.sh)— 需要本地安装 Node.js,以及至少一个兼容 skills 的智能体(Claude Code、Cursor、Codex 等)。前提是仓库遵循 agentskills.io 格式。
类似扩展
Dependency Scan
98Detect CVEs and security issues in project dependencies. Use when you need to analyze packages for known vulnerabilities across npm, pip, cargo, and other ecosystems.
npx CLI Tool Development (Bun-First)
98Build and publish npx-executable CLI tools using Bun as the primary toolchain with npm-compatible output. Use when the user wants to create a new CLI tool, set up a command-line package for npx execution, configure argument parsing and terminal output, or publish a CLI to npm. Covers scaffolding, citty arg parsing, sub-commands, terminal UX, strict TypeScript, Biome + ESLint linting, Vitest testing, Bunup bundling, and publishing workflows. Keywords: npx, cli, command-line, binary, bin, tool, bun, citty, commander, terminal, publish, typescript, biome, vitest.
Code Review Expert
95Expert code review of current git changes with a senior engineer lens. Detects SOLID violations, security risks, and proposes actionable improvements.
Shannon Skill
98Autonomous AI pentester for web apps and APIs. Run white-box security assessments with Shannon — analyzes source code, identifies attack vectors, and executes real exploits to prove vulnerabilities. Triggered by 'shannon', 'pentest', 'security audit', 'vuln scan'.
Secrets Scan
98Detect API keys, passwords, tokens, and other secrets in code. Use when you need to find hardcoded credentials and sensitive data in source code.
Fix Linking
98Design or audit internal link structure for a website. Use when the user asks about internal linking, link architecture, orphan pages, PageRank flow, anchor text, site structure, silo architecture, or why pages aren't ranking despite good content. For external link building, see build-links.