Which package managers does it support?

The skill is optimized for environments using Bun, utilizing commands like 'bun outdated' and 'bun audit' for deep analysis, but can use standard grep and bash for general package.json tracking.

Can it help reduce my application's bundle size?

Yes, by identifying unused dependencies (packages listed in package.json but not imported in your code), it highlights candidates for removal to optimize your project.

Does this skill automatically update or install packages?

No, this skill is strictly for tracking and reporting. It identifies issues and provides recommendations, but it never modifies package.json or runs installation commands.

How does it know what versions are documented?

It searches the docs/infrastructure/ directory for markdown files that define your project's tech stack, parsing them for version numbers and purpose descriptions.

Dependency Tracker

Name: Dependency Tracker
Author: sovrium

bysovrium

•

보안 및 테스팅

Audits and aligns project dependencies with infrastructure documentation to ensure security, consistency, and clean codebases.

The Dependency Tracker skill empowers Claude to perform exhaustive audits of your project's package ecosystem. By cross-referencing package.json against local infrastructure documentation, it identifies undocumented libraries, version mismatches, and security vulnerabilities. It helps maintain project health by detecting unused dependencies and missing peer requirements, providing a deterministic report that guides developers toward better dependency governance without making unauthorized changes to the source code.

주요 기능

01Flags security vulnerabilities with severity-based reporting

022 GitHub stars

03Identifies undocumented, outdated, or misaligned dependencies

04Generates comprehensive dependency health reports and action plans

05Cross-references installed packages with infrastructure documentation

06Detects unused packages to optimize bundle size and install time

사용 사례

01Identifying security risks and bloat in legacy or large-scale repositories

02Conducting automated project health audits during development cycles

03Enforcing architectural alignment between codebase and infrastructure docs

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sovrium/sovrium tracking-dependencies

For use in Claude.ai and ChatGPT

Download Skill