dependency-auditorDependency Auditor
Install via ClawdBot CLI:
clawdbot install alirezarezvani/dependency-auditorGrade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Potentially destructive shell commands in tool definitions
eval(Calls external URL not in known-safe list
https://github.com/example/sample-web-app.gitAI Analysis
The skill definition describes legitimate dependency auditing functionality with no evidence of credential harvesting, data exfiltration, or hidden malicious instructions. The identified signals relate to common development tools (git clone) and shell usage typical for dependency analysis, not malicious behavior.
Audited Apr 17, 2026 · audit v1.0
Generated Mar 20, 2026
A software foundation developing an open-source library needs to ensure all dependencies have permissive licenses compatible with their MIT license. The skill scans package manifests, identifies GPL-licensed transitive dependencies, and flags license conflicts to prevent legal risks before public release.
A financial services company maintains a large Node.js microservices application. The skill scans dependencies across services, matches CVEs with CVSS scores, and prioritizes patches for high-risk vulnerabilities in production dependencies, enabling focused security updates.
An e-commerce platform built with Python and JavaScript has slowed due to bloated dependencies. The skill analyzes unused imports and redundant packages, identifying opportunities to remove 20+ unnecessary dependencies, improving build times and reducing attack surface.
A SaaS startup using Rust and Go needs to update dependencies without breaking APIs. The skill analyzes semantic versioning, predicts breaking changes in major updates, and suggests safe incremental upgrade paths to maintain service reliability during updates.
Offer a free tier for basic vulnerability scanning on public repositories, with paid plans for private repos, advanced features like license compliance, and team collaboration tools. Revenue comes from monthly subscriptions based on scan frequency and repository count.
Sell annual enterprise licenses with on-premise deployment, custom vulnerability databases, and integration into existing CI/CD pipelines. Include premium support, SLA guarantees, and compliance reporting for regulated industries like finance and healthcare.
Provide audit services where teams use the skill to analyze client projects, generate detailed reports, and offer remediation consulting. Bundle with ongoing monitoring and alerting for dependency risks, targeting organizations without in-house expertise.
💬 Integration Tip
Integrate into CI/CD pipelines to automatically scan dependencies on each commit, using webhooks to alert teams about new vulnerabilities or license issues in real-time.
Scored Apr 19, 2026
Use the @steipete/oracle CLI to bundle a prompt plus the right files and get a second-model review (API or browser) for debugging, refactors, design checks, or cross-validation.
This skill should be used when the user needs to analyze frontend project architecture evaluate tech stack choices review component design patterns assess bu...
Write, run, and manage unit, integration, and E2E tests across TypeScript, Python, and Swift using recommended frameworks.
Guide for creating effective skills. This skill should be used when users want to create a new skill (or update an existing skill) that extends Claude's capabilities with specialized knowledge, workflows, or tool integrations.
Control desktop applications on Windows — launch, close, focus, resize, move windows, simulate keyboard/mouse input, manage processes, control VSCode, read clipboard, and capture screen info. Use when the user wants to interact with any running program, switch windows, type text, press shortcuts, open files in VSCode, manage running processes, or get system display information.
A comprehensive skill for using the Cursor CLI agent for various software engineering tasks (updated for 2026 features, includes tmux automation guide).