dependency-resolver
Identify, analyze, and manage software dependencies before deployment. Use this skill when preparing applications for deployment, resolving dependency conflicts, updating dependencies, auditing security vulnerabilities, managing package versions, or troubleshooting dependency-related issues. Supports multiple package managers (npm, pip, maven, cargo, go mod, composer) and provides actionable recommendations for dependency management.
77
75%
Does it follow best practices?
Impact
71%
1.02xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/dependency-resolver/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a well-crafted skill description that excels across all dimensions. It provides specific concrete actions, includes natural trigger terms users would actually say, explicitly states both what the skill does and when to use it, and carves out a distinct niche in dependency management that won't conflict with other skills.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'Identify, analyze, and manage software dependencies', 'resolving dependency conflicts', 'updating dependencies', 'auditing security vulnerabilities', 'managing package versions', 'troubleshooting dependency-related issues'. Also specifies supported package managers. | 3 / 3 |
Completeness | Clearly answers both what ('Identify, analyze, and manage software dependencies') AND when with explicit 'Use this skill when...' clause covering multiple trigger scenarios including deployment prep, conflict resolution, security auditing, and troubleshooting. | 3 / 3 |
Trigger Term Quality | Excellent coverage of natural terms users would say: 'deployment', 'dependency conflicts', 'security vulnerabilities', 'package versions', plus specific package manager names (npm, pip, maven, cargo, go mod, composer) that users would naturally mention. | 3 / 3 |
Distinctiveness Conflict Risk | Clear niche focused specifically on dependency management with distinct triggers like 'dependency conflicts', 'package versions', and specific package manager names. Unlikely to conflict with general coding or deployment skills due to the specific dependency focus. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
50%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill is comprehensive and highly actionable with excellent concrete examples, but suffers from severe verbosity. It explains concepts Claude already knows (dependency types, CVEs, semver basics) and includes extensive reference material that should be in separate files. The workflow exists but lacks explicit validation checkpoints and error recovery loops.
Suggestions
Reduce content by 70%+ by removing explanations of concepts Claude knows (dependency types, what CVEs are, basic semver) and moving reference tables (version syntax, command references) to the referenced ecosystem-specific files
Add explicit validation checkpoints to the workflow, e.g., 'After Step 3, verify no conflicts exist before proceeding' with specific commands to run
Move the 'Common Issues and Solutions' and 'Version Constraint Syntax' sections to reference files, keeping only a brief mention with links
Consolidate the 7 patterns into 2-3 most critical ones with the rest in a patterns reference file
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | Extremely verbose at 600+ lines. Explains basic concepts Claude already knows (what direct vs transitive dependencies are, what CVEs are, basic semver syntax). Lists every package manager's syntax when Claude can look these up. Much of this is reference material that doesn't need to be in the skill body. | 1 / 3 |
Actionability | Provides concrete, executable commands and code examples throughout. The npm, pip, maven, and other commands are copy-paste ready. The patterns section shows specific JSON/code examples with clear before/after solutions. | 3 / 3 |
Workflow Clarity | Has a 5-step workflow and a pre-deployment checklist, but lacks explicit validation checkpoints and feedback loops. Steps like 'Detect Issues' and 'Propose Solutions' are descriptive rather than actionable sequences. Missing 'if X fails, do Y' recovery patterns for the main workflow. | 2 / 3 |
Progressive Disclosure | References ecosystem-specific guides at the end, but the main body is a monolithic wall of content. The version constraint syntax, commands reference, and common issues sections should be in separate reference files. The skill tries to be comprehensive inline rather than providing a concise overview with pointers. | 2 / 3 |
Total | 8 / 12 Passed |
Validation
90%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 10 / 11 Passed
Validation for skill structure
| Criteria | Description | Result |
|---|---|---|
skill_md_line_count | SKILL.md is long (804 lines); consider splitting into references/ and linking | Warning |
Total | 10 / 11 Passed | |
- Repository
- ArabelaTso/Skills-4-SE
- Commit
0f00a4f
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.