{"id":"b6c7421f-b809-49a2-8f6c-f7fc8cccb852","shortId":"prKaBt","kind":"skill","title":"deps-audit","tagline":"Check dependencies for vulnerabilities. Use when user asks to \"audit dependencies\", \"/deps-audit\", \"check for vulnerabilities\", or wants to check dependency health. Don't use for yarn, pnpm, or bun projects (npm only), or for reviewing code quality.","description":"# Dependency Audit\n\n## Commands\n\nRun in parallel:\n- `npm audit`\n- `npm outdated`\n\n## Workflow\n\n1. Run audit and outdated check in parallel\n2. Report vulnerabilities with CVE + fix command using severity table below\n3. List outdated packages: table of package/current/latest/type (major vs minor/patch)\n4. Check for unused deps: grep imports in `src/`\n\n## Severity Levels\n\n| Level | CVSS | Action |\n|---|---|---|\n| **Critical** | 9.0-10.0 | Fix immediately, block merge |\n| **High** | 7.0-8.9 | Fix before next release |\n| **Moderate** | 4.0-6.9 | Fix in current sprint |\n| **Low** | 0.1-3.9 | Fix when convenient |\n\nFor each critical/high vulnerability report:\n```\nPackage: <name>@<version>\nCVE: CVE-YYYY-XXXXX\nSeverity: Critical\nDescription: <one line>\nFix: npm audit fix --force  (or: npm install <pkg>@<safe-version>)\n```\n\n## Rules\n\n- Never use `npx` directly\n- Focus on actionable items\n- Prioritize: security > major updates > unused > minor updates\n\n## Error Handling\n\n- `npm audit` fails -- run `npm install` first to generate `package-lock.json`, then retry\n- `npm outdated` returns nothing -- report all dependencies are current\n- `npm` not found -- report incompatibility; this skill requires npm","tags":["deps","audit","agent","skills","helderberto","agent-skills","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli"],"capabilities":["skill","source-helderberto","skill-deps-audit","topic-agent-skills","topic-ai-tools","topic-antigravity","topic-claude-code","topic-cursor","topic-developer-tools","topic-gemini-cli","topic-markdown","topic-plugin","topic-sdlc","topic-skills","topic-tracer-bullet"],"categories":["agent-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/helderberto/agent-skills/deps-audit","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add helderberto/agent-skills","source_repo":"https://github.com/helderberto/agent-skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,206 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:12.932Z","embedding":null,"createdAt":"2026-05-18T13:14:52.922Z","updatedAt":"2026-05-18T19:09:12.932Z","lastSeenAt":"2026-05-18T19:09:12.932Z","tsv":"'-10.0':97 '-3.9':118 '-6.9':111 '-8.9':104 '/deps-audit':15 '0.1':117 '1':52 '2':60 '3':71 '4':81 '4.0':110 '7.0':103 '9.0':96 'action':94,151 'ask':11 'audit':3,13,42,48,54,138,163 'block':100 'bun':32 'check':4,16,22,57,82 'code':39 'command':43,66 'conveni':121 'critic':95,134 'critical/high':124 'current':114,182 'cve':64,128,130 'cve-yyyy-xxxxx':129 'cvss':93 'dep':2,85 'depend':5,14,23,41,180 'deps-audit':1 'descript':135 'direct':148 'error':160 'fail':164 'first':168 'fix':65,98,105,112,119,136,139 'focus':149 'forc':140 'found':185 'generat':170 'grep':86 'handl':161 'health':24 'high':102 'immedi':99 'import':87 'incompat':187 'instal':143,167 'item':152 'level':91,92 'list':72 'low':116 'major':78,155 'merg':101 'minor':158 'minor/patch':80 'moder':109 'never':145 'next':107 'noth':177 'npm':34,47,49,137,142,162,166,174,183,191 'npx':147 'outdat':50,56,73,175 'packag':74,127 'package-lock.json':171 'package/current/latest/type':77 'parallel':46,59 'pnpm':30 'priorit':153 'project':33 'qualiti':40 'releas':108 'report':61,126,178,186 'requir':190 'retri':173 'return':176 'review':38 'rule':144 'run':44,53,165 'secur':154 'sever':68,90,133 'skill':189 'skill-deps-audit' 'source-helderberto' 'sprint':115 'src':89 'tabl':69,75 'topic-agent-skills' 'topic-ai-tools' 'topic-antigravity' 'topic-claude-code' 'topic-cursor' 'topic-developer-tools' 'topic-gemini-cli' 'topic-markdown' 'topic-plugin' 'topic-sdlc' 'topic-skills' 'topic-tracer-bullet' 'unus':84,157 'updat':156,159 'use':8,27,67,146 'user':10 'vs':79 'vulner':7,18,62,125 'want':20 'workflow':51 'xxxxx':132 'yarn':29 'yyyi':131","prices":[{"id":"67cc239b-f12d-4f2c-941f-18a0f9e7df0c","listingId":"b6c7421f-b809-49a2-8f6c-f7fc8cccb852","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"helderberto","category":"agent-skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:14:52.922Z"}],"sources":[{"listingId":"b6c7421f-b809-49a2-8f6c-f7fc8cccb852","source":"github","sourceId":"helderberto/agent-skills/deps-audit","sourceUrl":"https://github.com/helderberto/agent-skills/tree/main/skills/deps-audit","isPrimary":false,"firstSeenAt":"2026-05-18T13:14:52.922Z","lastSeenAt":"2026-05-18T19:09:12.932Z"}],"details":{"listingId":"b6c7421f-b809-49a2-8f6c-f7fc8cccb852","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"helderberto","slug":"deps-audit","github":{"repo":"helderberto/agent-skills","stars":8,"topics":["agent-skills","ai","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown","plugin","sdlc","skills","tracer-bullet"],"license":"mit","html_url":"https://github.com/helderberto/agent-skills","pushed_at":"2026-05-14T11:37:47Z","description":"My personal SDLC toolbelt for AI coding agents — PRD to ship.","skill_md_sha":"7834d1bf34c95cbfc629fb9866bee1ce0369e9a7","skill_md_path":"skills/deps-audit/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/helderberto/agent-skills/tree/main/skills/deps-audit"},"layout":"multi","source":"github","category":"agent-skills","frontmatter":{"name":"deps-audit","description":"Check dependencies for vulnerabilities. Use when user asks to \"audit dependencies\", \"/deps-audit\", \"check for vulnerabilities\", or wants to check dependency health. Don't use for yarn, pnpm, or bun projects (npm only), or for reviewing code quality."},"skills_sh_url":"https://skills.sh/helderberto/agent-skills/deps-audit"},"updatedAt":"2026-05-18T19:09:12.932Z"}}