Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

Commencer

deps

Étoiles0

Forks0

Mis à jour12 février 2026 à 18:16

Audit, update, and manage project dependencies safely.

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Exécuter dans Manus

Source

coreindustries

coreindustries/core-ai-template

Ouvrir le dépôt GitHub Voir les dépôts du créateur

Téléchargement

Exécuter dans Manus

Métiers associésSOC

Basé sur la classification professionnelle SOC

Développeurs de logicielsProfessions informatiques et mathématiques·SOC 15-1252

SKILL.md

readonly

name	deps
description	Audit, update, and manage project dependencies safely.

/deps

Audit, update, and manage project dependencies safely.

Usage

/deps [action] [package] [--security] [--outdated]

Arguments

action: audit, update, add, remove, outdated (default: audit)
package: Specific package name (for add/remove/update)
--security: Focus on security vulnerabilities only
--outdated: Show only outdated packages

Instructions

When this skill is invoked:

Agent Behavior

Autonomy:

Complete dependency operations end-to-end
Verify changes don't break the build
Run tests after updates

Safety:

Never auto-update major versions without confirmation
Always check for breaking changes
Create atomic commits for dependency changes

Actions

Audit (`/deps audit`)

Check for security vulnerabilities and issues:

Read prd/00_technology.md for audit commands

Run security audit:

# Commands vary by stack (see prd/00_technology.md)
{dependency_audit_command}

Categorize findings by severity
Suggest remediations

Outdated (`/deps outdated`)

List packages with available updates:

Check for updates:
```
{outdated_command}
```
Categorize by update type:
- Patch updates (safe)
- Minor updates (usually safe)
- Major updates (review changelog)
Present update plan

Update (`/deps update [package]`)

Update dependencies safely:

If specific package:
```
{update_package_command} <package>
```
If all packages (patch/minor only):
```
{update_all_command}
```

Verify after update:

{install_command}
{test_command}
{build_command}

Create commit:

chore(deps): update <package> to <version>

Add (`/deps add <package>`)

Add new dependency:

Check if already installed
Verify package legitimacy:
- Check download stats
- Check maintenance status
- Check for known vulnerabilities
Install:
```
{add_package_command} <package>
```
Verify installation:
```
{test_command}
```

Remove (`/deps remove <package>`)

Remove dependency:

Check for usages in codebase
Warn if package is used
Remove:
```
{remove_package_command} <package>
```
Clean up imports if needed
Verify:
```
{test_command}
```

Dependency Report Format

## Dependency Audit Report

**Date:** YYYY-MM-DD
**Total packages:** X
**Direct dependencies:** Y
**Vulnerabilities found:** Z

### Security Vulnerabilities

| Severity | Package | Current | Fixed In | CVE |
|----------|---------|---------|----------|-----|
| High | lodash | 4.17.15 | 4.17.21 | CVE-2021-23337 |
| Medium | axios | 0.21.0 | 0.21.1 | CVE-2021-3749 |

### Outdated Packages

| Package | Current | Latest | Type |
|---------|---------|--------|------|
| react | 17.0.2 | 18.2.0 | Major |
| typescript | 4.9.5 | 5.3.2 | Major |
| jest | 29.5.0 | 29.7.0 | Minor |

### Recommendations

1. **Immediate**: Update lodash to fix high severity CVE
2. **Soon**: Update axios for security patch
3. **Plan**: Evaluate React 18 migration

Update Safety Rules

Patch updates (1.0.0 → 1.0.1): Auto-update OK
Minor updates (1.0.0 → 1.1.0): Auto-update with tests
Major updates (1.0.0 → 2.0.0): Review changelog, confirm

Lockfile Handling

Always commit lockfile changes
Never manually edit lockfiles
Regenerate if conflicts occur

Example Output

$ /deps audit --security

Auditing dependencies...

Package manager: npm
Total packages: 245 (42 direct, 203 transitive)

Security Scan Results:

🔴 High Severity (1)
━━━━━━━━━━━━━━━━━━━
lodash@4.17.15
  CVE-2021-23337: Prototype pollution
  Fixed in: 4.17.21
  Recommendation: npm update lodash

🟡 Medium Severity (2)
━━━━━━━━━━━━━━━━━━━━━
axios@0.21.0
  CVE-2021-3749: ReDoS vulnerability
  Fixed in: 0.21.1

minimist@1.2.5
  CVE-2021-44906: Prototype pollution
  Fixed in: 1.2.6

🟢 Low Severity (0)

━━━━━━━━━━━━━━━━━━━━━
Summary: 3 vulnerabilities found
  - 1 high (action required)
  - 2 medium (update soon)

Suggested fix:
npm update lodash axios minimist

Run `/deps update` to apply security patches.

Plus depuis ce dépôt

même dépôt

handoff

coreindustries/core-ai-template

Write a structured handoff at session end. Preserves context so the next agent can resume without human briefing. Invoke before ending any feature session longer than 30 minutes.

2026-05-220

review

coreindustries/core-ai-template

Multi-perspective code review against project standards with P1/P2/P3 severity classification. Works in Claude Code (Agent + optional GitHub MCP) and Cursor (Task subagents + gh/git). Use when the user invokes /review, asks for a PR or diff review, or wants a standards-aligned review with severity tags.

2026-05-130

review

coreindustries/core-ai-template

Multi-perspective code review (P1/P2/P3) for Cursor: inline checklists plus three parallel Task subagents (perf-auditor, security-reviewer, simplicity-reviewer with combined data-integrity prompt). Use when the user invokes /review, asks for a PR review, or wants repo-standard findings with severity.

2026-05-130

commit

coreindustries/core-ai-template

Create well-formatted git commits following conventional commit standards.

2026-05-080

tdd

coreindustries/core-ai-template

Red→green→refactor discipline for new behavior — forces a failing test before implementation and a passing test before any claim of done.

2026-04-210

coreindustries/core-ai-template

Create or manage a git worktree for isolated parallel development — lets multiple agents work in the repo simultaneously without branch collisions.

2026-04-210

name	deps
description	Audit, update, and manage project dependencies safely.

/deps

Audit, update, and manage project dependencies safely.

Usage

/deps [action] [package] [--security] [--outdated]

Arguments

action: audit, update, add, remove, outdated (default: audit)
package: Specific package name (for add/remove/update)
--security: Focus on security vulnerabilities only
--outdated: Show only outdated packages

Instructions

When this skill is invoked:

Agent Behavior

Autonomy:

Complete dependency operations end-to-end
Verify changes don't break the build
Run tests after updates

Safety:

Never auto-update major versions without confirmation
Always check for breaking changes
Create atomic commits for dependency changes

Actions

Audit (`/deps audit`)

Check for security vulnerabilities and issues:

Read prd/00_technology.md for audit commands

Run security audit:

# Commands vary by stack (see prd/00_technology.md)
{dependency_audit_command}

Categorize findings by severity
Suggest remediations

Outdated (`/deps outdated`)

List packages with available updates:

Check for updates:
```
{outdated_command}
```
Categorize by update type:
- Patch updates (safe)
- Minor updates (usually safe)
- Major updates (review changelog)
Present update plan

Update (`/deps update [package]`)

Update dependencies safely:

If specific package:
```
{update_package_command} <package>
```
If all packages (patch/minor only):
```
{update_all_command}
```

Verify after update:

{install_command}
{test_command}
{build_command}

Create commit:

chore(deps): update <package> to <version>

Add (`/deps add <package>`)

Add new dependency:

Check if already installed
Verify package legitimacy:
- Check download stats
- Check maintenance status
- Check for known vulnerabilities
Install:
```
{add_package_command} <package>
```
Verify installation:
```
{test_command}
```

Remove (`/deps remove <package>`)

Remove dependency:

Check for usages in codebase
Warn if package is used
Remove:
```
{remove_package_command} <package>
```
Clean up imports if needed
Verify:
```
{test_command}
```

Dependency Report Format

## Dependency Audit Report

**Date:** YYYY-MM-DD
**Total packages:** X
**Direct dependencies:** Y
**Vulnerabilities found:** Z

### Security Vulnerabilities

| Severity | Package | Current | Fixed In | CVE |
|----------|---------|---------|----------|-----|
| High | lodash | 4.17.15 | 4.17.21 | CVE-2021-23337 |
| Medium | axios | 0.21.0 | 0.21.1 | CVE-2021-3749 |

### Outdated Packages

| Package | Current | Latest | Type |
|---------|---------|--------|------|
| react | 17.0.2 | 18.2.0 | Major |
| typescript | 4.9.5 | 5.3.2 | Major |
| jest | 29.5.0 | 29.7.0 | Minor |

### Recommendations

1. **Immediate**: Update lodash to fix high severity CVE
2. **Soon**: Update axios for security patch
3. **Plan**: Evaluate React 18 migration

Update Safety Rules

Patch updates (1.0.0 → 1.0.1): Auto-update OK
Minor updates (1.0.0 → 1.1.0): Auto-update with tests
Major updates (1.0.0 → 2.0.0): Review changelog, confirm

Lockfile Handling

Always commit lockfile changes
Never manually edit lockfiles
Regenerate if conflicts occur

Example Output

$ /deps audit --security

Auditing dependencies...

Package manager: npm
Total packages: 245 (42 direct, 203 transitive)

Security Scan Results:

🔴 High Severity (1)
━━━━━━━━━━━━━━━━━━━
lodash@4.17.15
  CVE-2021-23337: Prototype pollution
  Fixed in: 4.17.21
  Recommendation: npm update lodash

🟡 Medium Severity (2)
━━━━━━━━━━━━━━━━━━━━━
axios@0.21.0
  CVE-2021-3749: ReDoS vulnerability
  Fixed in: 0.21.1

minimist@1.2.5
  CVE-2021-44906: Prototype pollution
  Fixed in: 1.2.6

🟢 Low Severity (0)

━━━━━━━━━━━━━━━━━━━━━
Summary: 3 vulnerabilities found
  - 1 high (action required)
  - 2 medium (update soon)

Suggested fix:
npm update lodash axios minimist

Run `/deps update` to apply security patches.

deps

/deps

Usage

Arguments

Instructions

Agent Behavior

Actions

Audit (/deps audit)

Outdated (/deps outdated)

Update (/deps update [package])

Add (/deps add <package>)

Remove (/deps remove <package>)

Dependency Report Format

Update Safety Rules

Lockfile Handling

Example Output

Plus depuis ce dépôt

Plus depuis ce dépôt

/deps

Usage

Arguments

Instructions

Agent Behavior

Actions

Audit (/deps audit)

Outdated (/deps outdated)

Update (/deps update [package])

Add (/deps add <package>)

Remove (/deps remove <package>)

Dependency Report Format

Update Safety Rules

Lockfile Handling

Example Output

Audit (`/deps audit`)

Outdated (`/deps outdated`)

Update (`/deps update [package]`)

Add (`/deps add <package>`)

Remove (`/deps remove <package>`)

Audit (`/deps audit`)

Outdated (`/deps outdated`)

Update (`/deps update [package]`)

Add (`/deps add <package>`)

Remove (`/deps remove <package>`)