    dependency-health-check

    by Zicheng Liao

    Automated security audit and health check for software dependencies across polyglot projects.

    Updated May 2026
    0 installs

    Free

    One-time purchase

    Included in download

    • Downloadable skill package
    • 2 permissions declared
    • Instant install

    Sample Output

    A real example of what this skill produces.

    | Package | Current | Latest  | Severity | Notes                    |
    |---------|---------|---------|----------|--------------------------|
    | lodash  | 4.17.15 | 4.17.21 | CRITICAL | CVE-2020-8203 (CVSS 7.4) |
    | request | 2.88.2  | N/A     | CRITICAL | Officially Deprecated    |
    | axios   | 0.21.1  | 1.6.0   | WARNING  | 1 Major version behind   |

    About This Skill

    Comprehensive Dependency Risk Analysis

    Maintaining security and stability in a growing codebase is a constant struggle. This skill automates the tedious process of auditing your project's dependency tree, identifying everything from critical security vulnerabilities to unmaintained "ghost" packages. It provides a structured, multi-tier health report that helps developers prioritize maintenance tasks before they become technical debt.

    What it does

    The skill systematically scans your project to detect package managers, extract dependency versions, and cross-reference them against security advisories. It covers:

    • Security Auditing: Identifies known CVEs and vulnerabilities using local ecosystem tools and internal reference tables.
    • Maintenance Status: Flags deprecated packages or those that haven't seen an update in over 12 months.
    • Version Drift: Detects when production dependencies are falling behind major or minor releases.
    • Environment Integrity: Finds version conflicts across different manifests and identifies missing lockfiles.

    Supported Ecosystems

    This developer-centric tool is built to work across polyglot environments, supporting npm, yarn, pnpm (Node.js), pip, poetry (Python), Go modules, Cargo (Rust), Bundler (Ruby), and Maven (Java). Unlike basic prompting, this skill follows a deterministic classification framework to ensure your security findings are actionable and consistent.

    Use Cases

    • Identify high-severity CVEs in production dependencies.
    • Detect deprecated or unmaintained packages in a legacy codebase.
    • Audit version drift and major release gaps across multiple microservices.
    • Validate consistent package versions across different workspace manifests.

    Security Scanned

    Passed automated security review

    Permissions

    Terminal / Shell
    Network Access

    File Scopes

    references/**
    scripts/**
    assets/**
