Agent Skills: Dependency Analysis Skill

Analyze project dependencies for security vulnerabilities, outdated

UncategorizedID: vneseyoungster/chocovine/dependency-analysis

Install this agent skill to your local

pnpm dlx add-skill https://github.com/vneseyoungster/ChocoVine/tree/HEAD/.claude/skills/research/dependency-analysis

Skill Files

Browse the full folder contents for dependency-analysis.

Download Skill

Loading file tree…

.claude/skills/research/dependency-analysis/SKILL.md

Skill Metadata

Name
dependency-analysis
Description
Analyze project dependencies for security vulnerabilities, outdated

Dependency Analysis Skill

Purpose

Systematic analysis of project dependencies for security and maintenance.

When to Use

  • Security audits
  • Before adding new dependencies
  • Planning version upgrades
  • Regular maintenance checks

Analysis Process

Step 1: Identify Package Manager

Detect from files:

  • package-lock.json / yarn.lock / pnpm-lock.yaml → Node.js
  • requirements.txt / Pipfile.lock / poetry.lock → Python
  • go.sum → Go

Step 2: Run Security Audit

Execute appropriate command:

# Node.js
npm audit --json || yarn audit --json

# Python (if pip-audit installed)
pip-audit --format json

# Go
govulncheck ./...

Step 3: Check Outdated

# Node.js
npm outdated --json

# Python
pip list --outdated --format json

# Go
go list -u -m all

Step 4: Analyze Results

Categorize findings:

  • Critical: Security vulnerabilities with known exploits
  • High: Security issues or major version behind
  • Medium: Minor version behind or deprecated
  • Low: Patch version behind

Output Format

Use templates/dep-report.md

Storage Location

Save to: docs/research/dependency-audit-{date}.md

Dependency Analysis Skill Skill | Agent Skills