Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

$pwd:

dependency-audit

Name: Dependency Audit
Author: Pratiyush

// Audit project dependencies for known vulnerabilities, outdated packages, and license compliance issues. Use when the user asks to check dependencies, audit packages, review licenses, or assess supply chain security.

In Manus ausführen

$ git log --oneline --stat

stars:0

forks:0

updated:7. April 2026 um 22:10

Datei-Explorer

3 Dateien

SKILL.md

readonly

name	dependency-audit
description	Audit project dependencies for known vulnerabilities, outdated packages, and license compliance issues. Use when the user asks to check dependencies, audit packages, review licenses, or assess supply chain security.
license	Apache-2.0
compatibility	Requires Node.js 22+
metadata	{"author":"skillscraft","version":"1.0","category":"security"}
allowed-tools	Bash Read

Dependency Audit

When to use this skill

Activate when the user wants to:

Audit npm dependencies for vulnerabilities or outdated versions
Check license compliance across the dependency tree
Assess supply chain risk before adding a new dependency

Instructions

For vulnerability and staleness checks, run:

node scripts/audit-packages.mjs <project-directory>

For license compliance, run:

node scripts/check-licenses.mjs <project-directory>

Parse the JSON output from each script
Present findings sorted by severity: critical > high > medium > low
Suggest specific remediation steps for each issue

Output format

The audit script outputs:

{
  "project": "./my-app",
  "packageManager": "npm",
  "totalDependencies": 42,
  "issues": [
    {
      "package": "lodash",
      "version": "4.17.15",
      "issue": "outdated",
      "severity": "medium",
      "message": "Current: 4.17.15, no repository field in package.json"
    }
  ],
  "summary": { "critical": 0, "high": 0, "medium": 1, "low": 2 }
}

Gotchas

Only supports npm, yarn, and pnpm (reads package-lock.json, yarn.lock, or pnpm-lock.yaml)
Does not fetch live vulnerability data from remote APIs — analyzes lock file structure and package metadata locally
License check walks node_modules/ — run npm install first if modules are missing
GPL-family licenses are flagged as warnings in MIT/Apache projects, not errors

related-skills.json

gleiches Repository

project-maintenance.md

from "Pratiyush/agent-catalog"

Maintain project health by enforcing PR checklists, tracking open issues, verifying release readiness, and ensuring framework phases are up to date. Use when reviewing PRs, creating issues, preparing releases, or auditing project state.

2026-04-070

skill-template.md

from "Pratiyush/agent-catalog"

Scaffold new Agent Skills with best-practice structure and frontmatter. Use when the user wants to create a new skill, bootstrap a skill directory, or generate SKILL.md boilerplate following the Agent Skills spec.

2026-04-070

data-validation.md

from "Pratiyush/agent-catalog"

Validate CSV and JSON data files against schemas and quality rules. Use when the user asks to check data quality, validate a dataset, or verify file contents match an expected schema.

2026-04-070

hello-skill.md

from "Pratiyush/agent-catalog"

Generate friendly greeting messages in multiple languages. Use when the user asks for a hello message, welcome text, or localized greeting.

2026-04-070

release-notes.md

from "Pratiyush/agent-catalog"

Maintain project release notes, changelogs, and framework phase updates. Use when the user asks to generate a changelog, draft release notes, update CHANGELOG.md, or track framework phase transitions.

2026-04-070

test-generator.md

from "Pratiyush/agent-catalog"

Generate test file stubs and boilerplate from source code analysis. Use when the user asks to create tests, add test coverage, or scaffold test files for existing source code.

2026-04-070

package.json

"author": "Pratiyush"

"repository": "Pratiyush/agent-catalog"

GitHub-Repository öffnen Creator-Repositorys ansehen

$ install --global

$ download --local

In Manus ausführen

$ useful --forSOC

InformationssicherheitsanalystenInformatik- und Mathematikberufe15-1212L4

name	dependency-audit
description	Audit project dependencies for known vulnerabilities, outdated packages, and license compliance issues. Use when the user asks to check dependencies, audit packages, review licenses, or assess supply chain security.
license	Apache-2.0
compatibility	Requires Node.js 22+
metadata	{"author":"skillscraft","version":"1.0","category":"security"}
allowed-tools	Bash Read

Dependency Audit

When to use this skill

Activate when the user wants to:

Audit npm dependencies for vulnerabilities or outdated versions
Check license compliance across the dependency tree
Assess supply chain risk before adding a new dependency

Instructions

For vulnerability and staleness checks, run:

node scripts/audit-packages.mjs <project-directory>

For license compliance, run:

node scripts/check-licenses.mjs <project-directory>

Parse the JSON output from each script
Present findings sorted by severity: critical > high > medium > low
Suggest specific remediation steps for each issue

Output format

The audit script outputs:

{
  "project": "./my-app",
  "packageManager": "npm",
  "totalDependencies": 42,
  "issues": [
    {
      "package": "lodash",
      "version": "4.17.15",
      "issue": "outdated",
      "severity": "medium",
      "message": "Current: 4.17.15, no repository field in package.json"
    }
  ],
  "summary": { "critical": 0, "high": 0, "medium": 1, "low": 2 }
}

Gotchas

Only supports npm, yarn, and pnpm (reads package-lock.json, yarn.lock, or pnpm-lock.yaml)
Does not fetch live vulnerability data from remote APIs — analyzes lock file structure and package metadata locally
License check walks node_modules/ — run npm install first if modules are missing
GPL-family licenses are flagged as warnings in MIT/Apache projects, not errors

dependency-audit

Dependency Audit

When to use this skill

Instructions

Output format

Gotchas

Mehr aus diesem Repository

Mehr aus diesem Repository

Dependency Audit

When to use this skill

Instructions

Output format

Gotchas