Skip to main content
Jeden Skill in Manus ausführen
mit einem Klick

dependency-audit-weapon

Sterne1
Forks2
Aktualisiert11. Juni 2026 um 03:38

Supply-chain security specialist for open-source dependency hygiene. Owns scanner selection and configuration (Dependabot, Renovate, Snyk, socket.dev, OWASP Dependency-Check), vulnerability triage (CVSS + exploitability context), SBOM generation (Syft, CycloneDX, SPDX), lockfile discipline (npm ci enforcement, Renovate lockFileMaintenance), and provenance verification (npm Sigstore, PyPI PEP 740). Use when the user says "audit our dependencies", "set up Renovate", "Renovate vs Dependabot", "socket.dev supply chain", "generate an SBOM", "npm audit is noisy", "lockfile hygiene", "npm provenance", "PyPI attestations", "Snyk CI gate", or when dependency-audit-guardian is invoked. Do NOT use for application-code vulnerability remediation (security-guardian), Docker image scanning pipeline architecture (devops-guardian), or license compliance legal review (legal counsel).

Installation

Mit Codex oder Claude installieren Kopieren Sie diesen Prompt, fügen Sie ihn in Codex, Claude oder einen anderen Assistant ein und lassen Sie die Skill-Seite prüfen und installieren.

Datei-Explorer
22 Dateien
SKILL.md
readonly