{"id":"5cc53a46-b9a7-45b9-8dcf-78fac70d5aab","shortId":"qVXzNP","kind":"skill","title":"security-scanning-security-dependencies","tagline":"You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.","description":"# Dependency Vulnerability Scanning\n\nYou are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.\n\n## Use this skill when\n\n- Auditing dependencies for vulnerabilities or license risks\n- Generating SBOMs for compliance or supply chain visibility\n- Planning remediation for outdated or vulnerable packages\n- Standardizing dependency scanning across ecosystems\n\n## Do not use this skill when\n\n- You only need runtime security testing\n- There is no dependency manifest or lockfile\n- The environment blocks running security scanners\n\n## Context\nThe user needs comprehensive dependency security analysis to identify vulnerable packages, outdated dependencies, and license compliance issues. Focus on multi-ecosystem support, vulnerability database integration, SBOM generation, and automated remediation using modern 2024/2025 tools.\n\n## Requirements\n$ARGUMENTS\n\n## Instructions\n\n- Clarify goals, constraints, and required inputs.\n- Apply relevant best practices and validate outcomes.\n- Provide actionable steps and verification.\n- If detailed examples are required, open `resources/implementation-playbook.md`.\n\n## Safety\n\n- Avoid running auto-fix or upgrade steps without approval.\n- Treat dependency changes as release-impacting and test accordingly.\n\n## Resources\n\n- `resources/implementation-playbook.md` for detailed patterns and examples.\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["security","scanning","dependencies","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding"],"capabilities":["skill","source-sickn33","skill-security-scanning-security-dependencies","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/security-scanning-security-dependencies","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34583 github stars · SKILL.md body (1,861 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T18:52:12.498Z","embedding":null,"createdAt":"2026-04-18T21:44:06.825Z","updatedAt":"2026-04-22T18:52:12.498Z","lastSeenAt":"2026-04-22T18:52:12.498Z","tsv":"'2024/2025':163 'accord':213 'across':25,60,102 'action':182 'analysi':15,50,136 'appli':174 'approv':203 'argument':166 'ask':254 'assess':31,66 'audit':77 'auto':197 'auto-fix':196 'autom':35,70,159 'avoid':194 'best':176 'block':125 'boundari':262 'chain':20,55,90 'chang':206 'clarif':256 'clarifi':168 'clear':229 'complianc':87,145 'comprehens':133 'constraint':170 'context':129 'criteria':265 'databas':154 'depend':5,13,24,38,48,59,78,100,119,134,142,205 'describ':233 'detail':187,217 'ecosystem':27,62,103,151 'environ':124,245 'environment-specif':244 'exampl':188,220 'expert':10,45,250 'fix':198 'focus':147 'generat':17,52,84,157 'goal':169 'identifi':29,64,138 'impact':210 'input':173,259 'instruct':167 'integr':155 'issu':146 'licens':82,144 'limit':221 'lockfil':122 'manifest':120 'match':230 'miss':267 'modern':162 'multi':150 'multi-ecosystem':149 'multipl':26,61 'need':112,132 'open':191 'outcom':180 'outdat':95,141 'output':239 'packag':98,140 'pattern':218 'permiss':260 'plan':92 'practic':177 'project':23,58 'provid':34,69,181 'releas':209 'release-impact':208 'relev':175 'remedi':36,71,93,160 'requir':165,172,190,258 'resourc':214 'resources/implementation-playbook.md':192,215 'review':251 'risk':32,67,83 'run':126,195 'runtim':113 'safeti':193,261 'sbom':16,51,85,156 'scan':3,22,40,57,101 'scanner':128 'scope':232 'secur':2,4,9,21,44,56,114,127,135 'security-scanning-security-depend':1 'skill':75,108,224 'skill-security-scanning-security-dependencies' 'source-sickn33' 'special':11,46 'specif':246 'standard':99 'step':183,201 'stop':252 'strategi':37,72 'substitut':242 'success':264 'suppli':19,54,89 'support':152 'task':228 'test':115,212,248 'tool':164 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'treat':204,237 'upgrad':200 'use':73,106,161,222 'user':131 'valid':179,247 'verif':185 'visibl':91 'vulner':14,30,39,49,65,80,97,139,153 'without':202","prices":[{"id":"24e19572-c864-46e0-9c4a-0389822b1575","listingId":"5cc53a46-b9a7-45b9-8dcf-78fac70d5aab","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:44:06.825Z"}],"sources":[{"listingId":"5cc53a46-b9a7-45b9-8dcf-78fac70d5aab","source":"github","sourceId":"sickn33/antigravity-awesome-skills/security-scanning-security-dependencies","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/security-scanning-security-dependencies","isPrimary":false,"firstSeenAt":"2026-04-18T21:44:06.825Z","lastSeenAt":"2026-04-22T18:52:12.498Z"}],"details":{"listingId":"5cc53a46-b9a7-45b9-8dcf-78fac70d5aab","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"security-scanning-security-dependencies","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34583,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"fa17233eb3f1c9f5383c62415245b7cc918f53a0","skill_md_path":"skills/security-scanning-security-dependencies/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/security-scanning-security-dependencies"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"security-scanning-security-dependencies","description":"You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/security-scanning-security-dependencies"},"updatedAt":"2026-04-22T18:52:12.498Z"}}