Search Results: dependency-audit

Found 50 Skills

Security & Compliancerohitg00/awesome-claude-c...

security-hardening

Application security covering input validation, auth, headers, secrets management, and dependency auditing

Security & Compliancepixel-process-ug/superkit...

security-review

Use when reviewing code for security vulnerabilities, implementing authentication or authorization, handling user input, managing secrets, or auditing dependencies for known CVEs. Triggers: auth implementation, input handling, secrets management, dependency audit, pre-deployment security check, OWASP compliance review.

🇺🇸|EnglishTranslated

Code Qualityhelderberto/skills

audit-deps

Check dependencies for vulnerabilities. Use when user asks to "audit dependencies", "/audit-deps", "check for vulnerabilities", or wants to check dependency health.

🇺🇸|EnglishTranslated

Security & Complianceragnarok22/agent-skills

dependency-risk-audit

Review Python dependencies for known security advisories, stale version pins, and unsafe upgrade paths. Use when users ask for dependency security reviews, requirements or lockfile audits, upgrade planning, pre-release risk checks, or remediation prioritization for Python projects.

🇺🇸|EnglishTranslated

Security & Compliancetrailofbits/skills

supply-chain-risk-auditor

Identifies dependencies at heightened risk of exploitation or takeover. Use when assessing supply chain attack surface, evaluating dependency health, or scoping security engagements.

🇺🇸|EnglishTranslated

Security & Compliancekooooooma/skills

code-security-scanner

Scan code repositories for security threats including data exfiltration, backdoors, malicious code injection, dependency chain risks, and sensitive file access. Use this skill when users want to audit a codebase (especially TypeScript/JavaScript/Node.js projects) for security vulnerabilities, detect hidden malware, review npm dependencies for supply-chain attacks, check for credential leaks, or perform a pre-deployment security review. Triggers on requests like "scan for malicious code", "security audit", "check for backdoors", "review dependencies for vulnerabilities", "detect data exfiltration".

🇺🇸|EnglishTranslated

Code Qualitymgd34msu/goodvibes-plugin

project-onboarding

Load PROACTIVELY when starting work on an unfamiliar codebase or setting up a new project. Use when user says "help me understand this codebase", "onboard me", "what does this project do", "set up my environment", or "map the architecture". Covers codebase structure analysis, architecture mapping, dependency auditing, convention and pattern detection, developer environment setup, and documentation of findings for rapid productive contribution.

🇺🇸|EnglishTranslated

1 scripts/Attention

Code Qualitytravisjneuman/.claude

tech-debt-analyzer

This skill should be used when analyzing technical debt in a codebase, documenting code quality issues, creating technical debt registers, or assessing code maintainability. Use this for identifying code smells, architectural issues, dependency problems, missing documentation, security vulnerabilities, and creating comprehensive technical debt documentation.

🇺🇸|EnglishTranslated

3 scripts/Attention

Security & Compliancecuriositech/some_claude_s...

security-auditor

Security vulnerability scanner and OWASP compliance auditor for codebases. Dependency scanning (npm audit, pip-audit), secret detection (high-entropy strings, API keys), SAST for injection/XSS vulnerabilities, and security posture reports. Activate on 'security audit', 'vulnerability scan', 'OWASP', 'secret detection', 'dependency check', 'CVE', 'security review', 'penetration testing prep'. NOT for runtime WAF configuration (use infrastructure tools), network security/firewalls, or compliance certifications like SOC2/HIPAA (legal/organizational).

🇺🇸|EnglishTranslated

3 scripts/Attention

Code Qualitytobihagemann/turbo

review-dependencies

Detect package managers and discover outdated or vulnerable dependencies. Returns structured findings without upgrading. Use when the user asks to "review dependencies", "check for outdated packages", "check dependencies", "scan dependencies", or "dependency review".

🇺🇸|EnglishTranslated

Security & Compliancegithub/awesome-copilot

agent-supply-chain

Verify supply chain integrity for AI agent plugins, tools, and dependencies. Use this skill when: - Generating SHA-256 integrity manifests for agent plugins or tool packages - Verifying that installed plugins match their published manifests - Detecting tampered, modified, or untracked files in agent tool directories - Auditing dependency pinning and version policies for agent components - Building provenance chains for agent plugin promotion (dev → staging → production) - Any request like "verify plugin integrity", "generate manifest", "check supply chain", or "sign this plugin"

🇺🇸|EnglishTranslated

Code Qualityonewave-ai/claude-skills

overnight-repo-auditor

Uses Managed Agents' 14.5-hour runtime to audit an entire codebase overnight. Security, performance, accessibility, dependency issues. You wake up to a full report.

🇺🇸|EnglishTranslated