How do I start a dependency scan in Claude Code?

You can trigger the skill by using natural language commands like 'check dependencies', 'scan for vulnerabilities', or the shortcut command '/depcheck'.

How does it identify security vulnerabilities?

It scans your project manifest files (like package.json or requirements.txt) and compares your dependencies against known vulnerability databases and CVE lists.

Does it check for legal issues with licenses?

Yes, the skill audits your dependencies for license types to help you ensure that your project complies with your organization's open-source policy.

Can it help me update my outdated packages?

Yes, the skill identifies packages with newer versions available and provides a report highlighting major, minor, and patch updates to guide your maintenance.

Which package managers does the Dependency Checker support?

The skill currently supports npm (JavaScript/TypeScript), pip (Python), composer (PHP), gem (Ruby), and go modules (Go).

Dependency Security Scanner

Name: Dependency Security Scanner
Author: jeremylongshore

byjeremylongshore

•

883

セキュリティとテスト

Scans project dependencies for security vulnerabilities, outdated packages, and license compliance issues across multiple package managers.

概要

This skill empowers developers to maintain secure and healthy software projects by automatically analyzing manifest files for known security vulnerabilities (CVEs), version lags, and licensing conflicts. It supports a wide range of ecosystems including npm, pip, composer, gem, and go modules, providing comprehensive reports that highlight risks and suggest specific remediation steps. Whether used as a pre-deployment check or a routine audit, this skill helps ensure your application remains secure and legally compliant with minimal manual effort.

主な機能

883 GitHub stars
Automatic detection of outdated packages with recommended update paths
Detailed health reports summarizing severity rankings and remediation tips
Multi-ecosystem support for npm, pip, composer, gem, and go modules
License compliance auditing to identify potential legal risks
Real-time scanning against known vulnerability databases (CVEs)

ユースケース

Identifying and prioritizing package updates to fix performance bugs
Performing mandatory security audits before deploying code to production
Ensuring project dependencies adhere to corporate open-source licensing policies

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills dependency-checker

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要