一键导入
dependency-audit
Audits dependency files and package changes for vulnerable packages, risky upgrades, license concerns, and supply-chain exposure.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Audits dependency files and package changes for vulnerable packages, risky upgrades, license concerns, and supply-chain exposure.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Creates or reviews API documentation for endpoints, SDKs, schemas, examples, errors, authentication, and compatibility behavior.
Diagnoses CI/CD failures from logs and workflow files, identifies likely root cause, and recommends minimal fixes or retry guidance.
Reviews code changes for quality, correctness, style, and potential issues.
Reviews Dockerfiles and container configuration for security, reproducibility, image size, runtime permissions, and deployment reliability.
Plans safe framework, library, API, database, or architecture migrations with phased rollout, compatibility checks, and rollback strategy.
Writes clear pull request descriptions from diffs, commits, or implementation notes, including summary, motivation, testing, risks, and rollout.
| name | dependency-audit |
| description | Audits dependency files and package changes for vulnerable packages, risky upgrades, license concerns, and supply-chain exposure. |
Use this skill when reviewing changes to package manifests, lockfiles, container base images, GitHub Actions, language toolchains, or third-party SDKs.
package.json, lockfiles, pyproject.toml, requirements.txt, go.mod, Cargo.toml, Gemfile, Dockerfiles, or workflow YAMLProvide: