jeremylongshore

skill-adapter

@jeremylongshore/skill-adapter
jeremylongshore
899
106 forks
Updated 1/6/2026
View on GitHub

Analyzing Dependencies: This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.

Installation

$skills install @jeremylongshore/skill-adapter
Claude Code
Cursor
Copilot
Codex
Antigravity

Details

Repositoryjeremylongshore/claude-code-plugins-plus-skills
Pathbackups/plugin-enhancements/plugin-backups/dependency-checker_20251019_233852/skills/skill-adapter/SKILL.md
Branchmain
Scoped Name@jeremylongshore/skill-adapter

Usage

After installing, this skill will be available to your AI coding assistant.

Verify installation:

skills list

Skill Instructions

name: Analyzing Dependencies description: | This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.

Overview

This skill empowers Claude to automatically analyze your project's dependencies for security vulnerabilities, outdated packages, and license compliance issues. It uses the dependency-checker plugin to identify potential risks and provides insights for remediation.

How It Works

  1. Detecting Package Manager: The skill identifies the relevant package manager (npm, pip, composer, gem, go modules) based on the presence of manifest files (e.g., package.json, requirements.txt, composer.json).
  2. Scanning Dependencies: The skill utilizes the dependency-checker plugin to scan the identified dependencies against known vulnerability databases (CVEs), outdated package lists, and license information.
  3. Generating Report: The skill presents a comprehensive report summarizing the findings, including vulnerability summaries, detailed vulnerability information, outdated packages with recommended updates, and license compliance issues.

When to Use This Skill

This skill activates when you need to:

  • Check a project for known security vulnerabilities in its dependencies.
  • Identify outdated packages that may contain security flaws or performance issues.
  • Ensure that the project's dependencies comply with licensing requirements.

Examples

Example 1: Identifying Vulnerabilities Before Deployment

User request: "Check dependencies for vulnerabilities before deploying to production."

The skill will:

  1. Detect the relevant package manager (e.g., npm).
  2. Scan the project's dependencies for known vulnerabilities using the dependency-checker plugin.
  3. Generate a report highlighting any identified vulnerabilities, their severity, and recommended fixes.

Example 2: Updating Outdated Packages

User request: "Scan for outdated packages and suggest updates."

The skill will:

  1. Detect the relevant package manager (e.g., pip).
  2. Scan the project's dependencies for outdated packages.
  3. Generate a report listing the outdated packages and their available updates, including major, minor, and patch releases.

Best Practices

  • Regular Scanning: Schedule dependency checks regularly (e.g., weekly or monthly) to stay informed about new vulnerabilities and updates.
  • Pre-Deployment Checks: Always run a dependency check before deploying any code to production to prevent introducing vulnerable dependencies.
  • Review and Remediation: Carefully review the generated reports and take appropriate action to remediate identified vulnerabilities and update outdated packages.

Integration

This skill seamlessly integrates with other Claude Code tools, allowing you to use the identified vulnerabilities to guide further actions, such as automatically creating pull requests to update dependencies or generating security reports for compliance purposes.

More by jeremylongshore

View all
sugar
919

managing-autonomous-development: Enables Claude to manage Sugar's autonomous development workflows. It allows Claude to create tasks, view the status of the system, review pending tasks, and start autonomous execution mode. Use this skill when the user asks to create a new development task using `/sugar-task`, check the system status with `/sugar-status`, review pending tasks via `/sugar-review`, or initiate autonomous development using `/sugar-run`. It provides a comprehensive interface for interacting with the Sugar autonomous development system.

skill-adapter
919

Scanning Container Security: This skill enables Claude to scan container images and running containers for vulnerabilities using tools like Trivy and Snyk. It identifies potential security risks in container environments. Use this skill when the user requests a security assessment of a container image, asks to identify vulnerabilities in a container, or wants to improve the security posture of their containerized applications. Trigger terms include "scan container," "container security," "vulnerability assessment," "Trivy scan," or "Snyk scan."

skill-adapter
919

Scanning for Data Privacy Issues: This skill enables Claude to automatically scan code and configuration files for potential data privacy vulnerabilities using the data-privacy-scanner plugin. It identifies sensitive data exposure, compliance violations, and other privacy-related risks. Use this skill when the user requests to "scan for data privacy issues", "check privacy compliance", "find PII leaks", "identify GDPR violations", or needs a "privacy audit" of their codebase. The skill is most effective when used on projects involving personal data, financial information, or health records.

skill-adapter
919

Managing Database Testing: This skill manages database testing by generating test data, wrapping tests in transactions, and validating database schemas. It is used to create robust and reliable database interactions. Claude uses this skill when the user requests database testing utilities, including test data generation, transaction management, schema validation, or migration testing. Trigger this skill by mentioning "database testing," "test data factories," "transaction rollback," "schema validation," or using the `/db-test` or `/dbt` commands.