dependency-resolver

Identify, analyze, and manage software dependencies before deployment. Use this skill when preparing applications for deployment, resolving dependency conflicts, updating dependencies, auditing security vulnerabilities, managing package versions, or troubleshooting dependency-related issues. Supports multiple package managers (npm, pip, maven, cargo, go mod, composer) and provides actionable recommendations for dependency management.

1.02x

Quality

75%

Does it follow best practices?

Impact

71%

1.02x

Average score across 3 eval scenarios

Securityby

Advisory

Suggest reviewing before use

Fix and improve this skill with Tessl

tessl review fix ./skills/dependency-resolver/SKILL.md

Quality

Content

50%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill is comprehensive and highly actionable with excellent concrete examples, but suffers from severe verbosity. It explains concepts Claude already knows (dependency types, CVEs, semver basics) and includes extensive reference material that should be in separate files. The workflow exists but lacks explicit validation checkpoints and error recovery loops.

Suggestions

Reduce content by 70%+ by removing explanations of concepts Claude knows (dependency types, what CVEs are, basic semver) and moving reference tables (version syntax, command references) to the referenced ecosystem-specific files

Add explicit validation checkpoints to the workflow, e.g., 'After Step 3, verify no conflicts exist before proceeding' with specific commands to run

Move the 'Common Issues and Solutions' and 'Version Constraint Syntax' sections to reference files, keeping only a brief mention with links

Consolidate the 7 patterns into 2-3 most critical ones with the rest in a patterns reference file

Dimension	Reasoning	Score
Conciseness	Extremely verbose at 600+ lines. Explains basic concepts Claude already knows (what direct vs transitive dependencies are, what CVEs are, basic semver syntax). Lists every package manager's syntax when Claude can look these up. Much of this is reference material that doesn't need to be in the skill body.	1 / 3
Actionability	Provides concrete, executable commands and code examples throughout. The npm, pip, maven, and other commands are copy-paste ready. The patterns section shows specific JSON/code examples with clear before/after solutions.	3 / 3
Workflow Clarity	Has a 5-step workflow and a pre-deployment checklist, but lacks explicit validation checkpoints and feedback loops. Steps like 'Detect Issues' and 'Propose Solutions' are descriptive rather than actionable sequences. Missing 'if X fails, do Y' recovery patterns for the main workflow.	2 / 3
Progressive Disclosure	References ecosystem-specific guides at the end, but the main body is a monolithic wall of content. The version constraint syntax, commands reference, and common issues sections should be in separate reference files. The skill tries to be comprehensive inline rather than providing a concise overview with pointers.	2 / 3
	Total	8 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a well-crafted skill description that excels across all dimensions. It provides specific concrete actions, includes natural trigger terms users would actually say, explicitly states both what the skill does and when to use it, and carves out a distinct niche in dependency management that won't conflict with other skills.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: 'Identify, analyze, and manage software dependencies', 'resolving dependency conflicts', 'updating dependencies', 'auditing security vulnerabilities', 'managing package versions', 'troubleshooting dependency-related issues'. Also specifies supported package managers.	3 / 3
Completeness	Clearly answers both what ('Identify, analyze, and manage software dependencies') AND when with explicit 'Use this skill when...' clause covering multiple trigger scenarios including deployment prep, conflict resolution, security auditing, and troubleshooting.	3 / 3
Trigger Term Quality	Excellent coverage of natural terms users would say: 'deployment', 'dependency conflicts', 'security vulnerabilities', 'package versions', plus specific package manager names (npm, pip, maven, cargo, go mod, composer) that users would naturally mention.	3 / 3
Distinctiveness Conflict Risk	Clear niche focused specifically on dependency management with distinct triggers like 'dependency conflicts', 'package versions', and specific package manager names. Unlikely to conflict with general coding or deployment skills due to the specific dependency focus.	3 / 3
	Total	12 / 12 Passed

Validation

90%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 10 / 11 Passed

Validation for skill structure

Criteria	Description	Result
skill_md_line_count	SKILL.md is long (804 lines); consider splitting into references/ and linking	Warning

	Total	10 / 11 Passed

Repository: ArabelaTso/Skills-4-SE
Commit: 0f00a4f

Reviewed: 4 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.