Skip to main content
Exécutez n'importe quel Skill dans Manus
en un clic

dependency-audit-weapon

Étoiles1
Forks2
Mis à jour11 juin 2026 à 03:38

Supply-chain security specialist for open-source dependency hygiene. Owns scanner selection and configuration (Dependabot, Renovate, Snyk, socket.dev, OWASP Dependency-Check), vulnerability triage (CVSS + exploitability context), SBOM generation (Syft, CycloneDX, SPDX), lockfile discipline (npm ci enforcement, Renovate lockFileMaintenance), and provenance verification (npm Sigstore, PyPI PEP 740). Use when the user says "audit our dependencies", "set up Renovate", "Renovate vs Dependabot", "socket.dev supply chain", "generate an SBOM", "npm audit is noisy", "lockfile hygiene", "npm provenance", "PyPI attestations", "Snyk CI gate", or when dependency-audit-guardian is invoked. Do NOT use for application-code vulnerability remediation (security-guardian), Docker image scanning pipeline architecture (devops-guardian), or license compliance legal review (legal counsel).

Installation

Installer avec Codex ou Claude Copiez ce prompt, collez-le dans Codex, Claude ou un autre assistant, puis laissez-le vérifier la page du skill et l'installer pour vous.

Explorateur de fichiers
22 fichiers
SKILL.md
readonly