Menü
Audit, update, and manage project dependencies safely.
Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.
Basierend auf der SOC-Berufsklassifikation
| name | deps |
| description | Audit, update, and manage project dependencies safely. |
Audit, update, and manage project dependencies safely.
/deps [action] [package] [--security] [--outdated]
action: audit, update, add, remove, outdated (default: audit)package: Specific package name (for add/remove/update)--security: Focus on security vulnerabilities only--outdated: Show only outdated packagesWhen this skill is invoked:
Autonomy:
Safety:
/deps audit)Check for security vulnerabilities and issues:
prd/00_technology.md for audit commands# Commands vary by stack (see prd/00_technology.md)
{dependency_audit_command}
/deps outdated)List packages with available updates:
Check for updates:
{outdated_command}
Categorize by update type:
Present update plan
/deps update [package])Update dependencies safely:
If specific package:
{update_package_command} <package>
If all packages (patch/minor only):
{update_all_command}
Verify after update:
{install_command}
{test_command}
{build_command}
Create commit:
chore(deps): update <package> to <version>
/deps add <package>)Add new dependency:
{add_package_command} <package>
{test_command}
/deps remove <package>)Remove dependency:
{remove_package_command} <package>
{test_command}
## Dependency Audit Report
**Date:** YYYY-MM-DD
**Total packages:** X
**Direct dependencies:** Y
**Vulnerabilities found:** Z
### Security Vulnerabilities
| Severity | Package | Current | Fixed In | CVE |
|----------|---------|---------|----------|-----|
| High | lodash | 4.17.15 | 4.17.21 | CVE-2021-23337 |
| Medium | axios | 0.21.0 | 0.21.1 | CVE-2021-3749 |
### Outdated Packages
| Package | Current | Latest | Type |
|---------|---------|--------|------|
| react | 17.0.2 | 18.2.0 | Major |
| typescript | 4.9.5 | 5.3.2 | Major |
| jest | 29.5.0 | 29.7.0 | Minor |
### Recommendations
1. **Immediate**: Update lodash to fix high severity CVE
2. **Soon**: Update axios for security patch
3. **Plan**: Evaluate React 18 migration
$ /deps audit --security
Auditing dependencies...
Package manager: npm
Total packages: 245 (42 direct, 203 transitive)
Security Scan Results:
🔴 High Severity (1)
━━━━━━━━━━━━━━━━━━━
lodash@4.17.15
CVE-2021-23337: Prototype pollution
Fixed in: 4.17.21
Recommendation: npm update lodash
🟡 Medium Severity (2)
━━━━━━━━━━━━━━━━━━━━━
axios@0.21.0
CVE-2021-3749: ReDoS vulnerability
Fixed in: 0.21.1
minimist@1.2.5
CVE-2021-44906: Prototype pollution
Fixed in: 1.2.6
🟢 Low Severity (0)
━━━━━━━━━━━━━━━━━━━━━
Summary: 3 vulnerabilities found
- 1 high (action required)
- 2 medium (update soon)
Suggested fix:
npm update lodash axios minimist
Run `/deps update` to apply security patches.
Write a structured handoff at session end. Preserves context so the next agent can resume without human briefing. Invoke before ending any feature session longer than 30 minutes.
Multi-perspective code review against project standards with P1/P2/P3 severity classification. Works in Claude Code (Agent + optional GitHub MCP) and Cursor (Task subagents + gh/git). Use when the user invokes /review, asks for a PR or diff review, or wants a standards-aligned review with severity tags.
Multi-perspective code review (P1/P2/P3) for Cursor: inline checklists plus three parallel Task subagents (perf-auditor, security-reviewer, simplicity-reviewer with combined data-integrity prompt). Use when the user invokes /review, asks for a PR review, or wants repo-standard findings with severity.
Create well-formatted git commits following conventional commit standards.
Red→green→refactor discipline for new behavior — forces a failing test before implementation and a passing test before any claim of done.
Create or manage a git worktree for isolated parallel development — lets multiple agents work in the repo simultaneously without branch collisions.