
analyzing-dependencies

This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.

92

1.09x
Quality

53%

Does it follow best practices?

Impact

96%

1.09x

Average score across 12 eval scenarios

Security by Snyk

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./backups/skills-migration-20251108-070147/plugins/security/dependency-checker/skills/dependency-checker/SKILL.md

Evaluation results

92%

19%

Pre-Deployment Dependency Review: PayFlow API

Vulnerability report structure and severity

| Criteria | Without context | With context |
| --- | --- | --- |
| Package manager identified | 62% | 100% |
| Vulnerability summary section | 100% | 100% |
| Detailed vulnerability info | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Recommended fixes present | 100% | 100% |
| Outdated packages section | 50% | 100% |
| Update type classification | 16% | 33% |
| License compliance section | 0% | 100% |
| Known vulnerable packages flagged | 100% | 100% |
| Actionable remediation guidance | 100% | 100% |

100%

28%

Full-Stack Dependency Health Check: DataStream Platform

Multi-package-manager detection

| Criteria | Without context | With context |
| --- | --- | --- |
| npm detected | 50% | 100% |
| pip detected | 50% | 100% |
| Both ecosystems covered | 100% | 100% |
| Frontend vulnerabilities | 100% | 100% |
| Backend vulnerabilities | 100% | 100% |
| Known vulnerable npm packages | 100% | 100% |
| Known vulnerable Python packages | 100% | 100% |
| Outdated packages section | 75% | 100% |
| License compliance mentioned | 0% | 100% |
| Scheduling recommendation | 0% | 100% |
| Severity levels | 100% | 100% |

92%

2%

Dependency License Assessment: Meridian Acquisition Due Diligence

License compliance and integration reporting

| Criteria | Without context | With context |
| --- | --- | --- |
| Package manager identified | 62% | 75% |
| License compliance section | 100% | 100% |
| Per-package license listed | 100% | 100% |
| GPL flagged | 100% | 100% |
| AGPL flagged | 100% | 100% |
| Proprietary license flagged | 100% | 100% |
| License risk explanation | 100% | 100% |
| Vulnerability summary included | 12% | 25% |
| Actionable next steps | 100% | 100% |
| Ongoing compliance recommendation | 100% | 100% |

92%

11%

Pre-Launch Security Audit for PHP Platform

Composer detection, pre-deployment check

| Criteria | Without context | With context |
| --- | --- | --- |
| Composer identified | 100% | 100% |
| Vulnerability summary present | 100% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Recommended fixes per vulnerability | 100% | 100% |
| Outdated packages section | 50% | 100% |
| Update type classification | 30% | 20% |
| License compliance section | 0% | 100% |
| Known vulnerable package flagged | 100% | 100% |
| Pre-deployment framing | 100% | 100% |
| Actionable remediation guidance | 100% | 100% |

85%

8%

Quarterly Security Audit for Payment Microservice

Go modules detection and analysis

| Criteria | Without context | With context |
| --- | --- | --- |
| Go modules identified | 100% | 50% |
| Vulnerability summary present | 75% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Recommended fixes present | 100% | 100% |
| Outdated packages section | 50% | 100% |
| Update type classification | 10% | 0% |
| License compliance section | 0% | 100% |
| Known vulnerable package flagged | 100% | 100% |
| golang.org/x/crypto flagged | 100% | 100% |
| Prioritized remediation | 100% | 100% |

100%

22%

Dependency Compliance Package for External Security Audit

Gem detection, integration, compliance report

| Criteria | Without context | With context |
| --- | --- | --- |
| Gem/Bundler identified | 100% | 100% |
| Vulnerability summary present | 100% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 66% | 100% |
| Update type classification | 0% | 100% |
| License compliance section | 0% | 100% |
| Known vulnerable gems flagged | 100% | 100% |
| Remediation actions file produced | 100% | 100% |
| PR-ready remediation format | 100% | 100% |
| Scheduling recommendation | 0% | 100% |
| Recommended fixes present | 100% | 100% |

100%

6%

Python API Security Audit

pip standalone detection and full report

| Criteria | Without context | With context |
| --- | --- | --- |
| pip identified | 100% | 100% |
| Vulnerability summary section | 100% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Recommended fixes present | 100% | 100% |
| Known vulnerable packages flagged | 100% | 100% |
| Outdated packages section | 100% | 100% |
| Update type classification | 40% | 100% |
| License compliance section | 100% | 100% |
| Prioritized remediation | 100% | 100% |
| Actionable next steps | 100% | 100% |

100%

6%

Full-Stack Dependency Health Check

npm and Go modules multi-manager detection

| Criteria | Without context | With context |
| --- | --- | --- |
| npm detected | 100% | 100% |
| Go modules detected | 100% | 100% |
| Both ecosystems covered | 100% | 100% |
| Frontend vulnerabilities | 100% | 100% |
| Backend vulnerabilities | 100% | 100% |
| Known vulnerable npm packages | 100% | 100% |
| Known vulnerable Go packages | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 100% | 100% |
| Update type classification | 25% | 100% |
| License compliance section | 100% | 100% |
| Recommended fixes present | 100% | 100% |

96%

7%

Dependency Monitoring Program Setup

Scheduling recommendations and PR-ready remediation

| Criteria | Without context | With context |
| --- | --- | --- |
| npm identified | 100% | 100% |
| Vulnerability summary section | 100% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 66% | 100% |
| Update type classification | 62% | 50% |
| License compliance section | 0% | 100% |
| Known vulnerable packages flagged | 100% | 100% |
| Separate remediation file produced | 100% | 100% |
| PR-ready remediation format | 100% | 100% |
| Scheduling recommendation | 100% | 100% |
| Update reason provided | 100% | 100% |

99%

2%

Data Analytics Platform Dependency Review

Gem and pip multi-manager detection and analysis

| Criteria | Without context | With context |
| --- | --- | --- |
| Gem detected | 100% | 100% |
| pip detected | 80% | 100% |
| Both ecosystems analyzed | 100% | 100% |
| Vulnerability summary section | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 100% | 100% |
| Update type classification | 90% | 90% |
| License compliance section | 100% | 100% |
| Known vulnerable Ruby gem flagged | 100% | 100% |
| Known vulnerable Python package flagged | 100% | 100% |

100%

Dependency Update Planning for Node.js Platform

npm update type classification and remediation planning

| Criteria | Without context | With context |
| --- | --- | --- |
| npm detected | 100% | 100% |
| Vulnerability summary section | 100% | 100% |
| Detailed vulnerability entries | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 100% | 100% |
| Major update classification | 100% | 100% |
| Minor update classification | 100% | 100% |
| Patch update classification | 100% | 100% |
| License compliance section | 100% | 100% |
| Known vulnerable package flagged | 100% | 100% |
| Scheduling recommendation | 100% | 100% |
| PR-ready update format | 100% | 100% |

100%

Full-Stack Application Security Audit

Composer and npm multi-manager detection

| Criteria | Without context | With context |
| --- | --- | --- |
| Composer detected | 100% | 100% |
| npm detected | 100% | 100% |
| Both ecosystems analyzed | 100% | 100% |
| Vulnerability summary section | 100% | 100% |
| Severity levels reported | 100% | 100% |
| Outdated packages section | 100% | 100% |
| Update type classification | 100% | 100% |
| License compliance section | 100% | 100% |
| Known vulnerable npm package flagged | 100% | 100% |
| Known vulnerable PHP package flagged | 100% | 100% |
| Recommended fixes present | 100% | 100% |

Repository: jeremylongshore/claude-code-plugins-plus-skills
Evaluated
Agent: Claude Code
Model: Claude Sonnet 4.6
