一键导入
dependency-check
Analyze project dependencies for outdated packages, security vulnerabilities, and licensing issues. Use for dependency audits and maintenance.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Analyze project dependencies for outdated packages, security vulnerabilities, and licensing issues. Use for dependency audits and maintenance.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Comprehensive pre-merge testing for CodeGeass. Tests PR changes FIRST, then runs regression tests on all CLI commands and Dashboard API endpoints.
Implement code from a GitHub issue specification. Explores codebase, researches docs, creates temporary implementation plan, then implements incrementally (small piece → test → commit → next). Cleans up plan file before PR.
Plan new features/integrations following SOLID principles. Analyzes codebase architecture, researches official documentation and best practices, designs extensible solution, and creates comprehensive GitHub issue with implementation blueprint.
Refactor monolithic code into clean, single-responsibility modules following SOLID principles
Release a new version to PyPI - updates version, changelog, commits, tags, and pushes
Comprehensive code review for PRs or recent changes. Checks correctness, security, performance, maintainability, and tests.
| name | dependency-check |
| description | Analyze project dependencies for outdated packages, security vulnerabilities, and licensing issues. Use for dependency audits and maintenance. |
| context | fork |
| agent | Explore |
| allowed-tools | Read, Grep, Glob, Bash(npm audit *), Bash(pip-audit *), Bash(npm outdated *), Bash(pip list --outdated *) |
| disable-model-invocation | true |
Analyze dependencies for the project at $ARGUMENTS.
Identify packages with available updates:
Check for known vulnerabilities:
Review dependency licenses:
find . -maxdepth 3 -name "package.json" -o -name "requirements.txt" -o -name "Pipfile" -o -name "go.mod" -o -name "Cargo.toml" 2>/dev/null | head -5find . -maxdepth 3 -name "package-lock.json" -o -name "yarn.lock" -o -name "Pipfile.lock" -o -name "poetry.lock" 2>/dev/null | head -5Check outdated packages:
npm outdated --json 2>/dev/null || echo "{}"
Run security audit:
npm audit --json 2>/dev/null || echo "{}"
Check outdated packages:
pip list --outdated --format=json 2>/dev/null || echo "[]"
Run security audit (if pip-audit installed):
pip-audit --format=json 2>/dev/null || echo "pip-audit not installed"
Return a JSON dependency report:
{
"project_type": "nodejs",
"manifest_files": ["package.json"],
"summary": {
"total_dependencies": 45,
"direct": 12,
"dev": 8,
"outdated": 5,
"vulnerable": 2
},
"outdated": [
{
"package": "lodash",
"current": "4.17.15",
"wanted": "4.17.21",
"latest": "4.17.21",
"type": "patch",
"breaking_changes": false
},
{
"package": "react",
"current": "17.0.2",
"wanted": "17.0.2",
"latest": "18.2.0",
"type": "major",
"breaking_changes": true
}
],
"vulnerabilities": [
{
"package": "minimist",
"severity": "high",
"cve": "CVE-2021-44906",
"description": "Prototype pollution",
"fixed_in": "1.2.6",
"recommendation": "Update to ^1.2.6"
}
],
"license_issues": [
{
"package": "gpl-library",
"license": "GPL-3.0",
"concern": "Copyleft license may require open-sourcing your code"
}
],
"recommendations": [
"Update lodash to patch security vulnerability",
"Consider upgrading to React 18 (breaking changes)",
"Review GPL-licensed dependency compatibility"
]
}