Skillquality 0.45
deps-audit
Check dependencies for vulnerabilities. Use when user asks to "audit dependencies", "/deps-audit", "check for vulnerabilities", or wants to check dependency health. Don't use for yarn, pnpm, or bun projects (npm only), or for reviewing code quality.
What it does
Dependency Audit
Commands
Run in parallel:
npm auditnpm outdated
Workflow
- Run audit and outdated check in parallel
- Report vulnerabilities with CVE + fix command using severity table below
- List outdated packages: table of package/current/latest/type (major vs minor/patch)
- Check for unused deps: grep imports in
src/
Severity Levels
| Level | CVSS | Action |
|---|---|---|
| Critical | 9.0-10.0 | Fix immediately, block merge |
| High | 7.0-8.9 | Fix before next release |
| Moderate | 4.0-6.9 | Fix in current sprint |
| Low | 0.1-3.9 | Fix when convenient |
For each critical/high vulnerability report:
Package: <name>@<version>
CVE: CVE-YYYY-XXXXX
Severity: Critical
Description: <one line>
Fix: npm audit fix --force (or: npm install <pkg>@<safe-version>)
Rules
- Never use
npxdirectly - Focus on actionable items
- Prioritize: security > major updates > unused > minor updates
Error Handling
npm auditfails -- runnpm installfirst to generatepackage-lock.json, then retrynpm outdatedreturns nothing -- report all dependencies are currentnpmnot found -- report incompatibility; this skill requires npm
Capabilities
skillsource-helderbertoskill-deps-audittopic-agent-skillstopic-ai-toolstopic-antigravitytopic-claude-codetopic-cursortopic-developer-toolstopic-gemini-clitopic-markdowntopic-plugintopic-sdlctopic-skillstopic-tracer-bullet
Install
Installnpx skills add helderberto/agent-skills
Transportskills-sh
Protocolskill
Quality
0.45/ 1.00
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,206 chars)
Provenance
Indexed fromgithub
Enriched2026-05-18 19:09:12Z · deterministic:skill-github:v1 · v1
First seen2026-05-18
Last seen2026-05-18