Claude-skill-registry dependency-analysis

Analyze project dependencies for security vulnerabilities, outdated

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/dependency-analysis" ~/.claude/skills/majiayu000-claude-skill-registry-dependency-analysis && rm -rf "$T"
manifest: skills/data/dependency-analysis/SKILL.md
source content

Dependency Analysis Skill

Purpose

Systematic analysis of project dependencies for security and maintenance.

When to Use

  • Security audits
  • Before adding new dependencies
  • Planning version upgrades
  • Regular maintenance checks

Analysis Process

Step 1: Identify Package Manager

Detect from files:

  • package-lock.json / yarn.lock / pnpm-lock.yaml → Node.js
  • requirements.txt / Pipfile.lock / poetry.lock → Python
  • go.sum → Go

Step 2: Run Security Audit

Execute appropriate command:

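# Node.js: run the command that matches the lockfile. Do not chain them with ||:
# npm audit exits non-zero when it finds vulnerabilities, so the fallback would also fire on a successful scan.
npm audit --json
yarn audit --json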

# Python (if pip-audit installed)
pip-audit --format json

# Go
govulncheck ./...

Step 3: Check Outdated

# Node.js
npm outdated --json

# Python
pip list --outdated --format json

# Go
go list -u -m all

Step 4: Analyze Results

Categorize findings:

  • Critical: Security vulnerabilities with known exploits
  • High: Security issues or major version behind
  • Medium: Minor version behind or deprecated
  • Low: Patch version behind
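
One way to apply the Step 4 categories to the JSON from Steps 2 and 3, for the npm and pip tools only (an added example, not part of the skill's own files). All function names and the "Unparsed" label are this example's own. It assumes the npm 7+ audit report with a top-level "vulnerabilities" object and the pip-audit output with a top-level "dependencies" list, and it leaves Critical to manual triage because neither tool reports whether an exploit is known.

```python
import json
import re

def release(version):
    """Leading numeric part as a 3-tuple: '2.31' -> (2, 31, 0); None if absent."""
    m = re.match(r"v?(\d+(?:\.\d+)*)", version or "")
    return tuple(([int(n) for n in m.group(1).split(".")] + [0, 0])[:3]) if m else None

def lag_category(current, latest):
    """Step 4 category for version lag alone; None when not behind."""
    cur, new = release(current), release(latest)
    if cur is None or new is None:
        return "Unparsed"  # label added by this example, not one of the page's categories
    if new <= cur:
        return None
    return "High" if new[0] != cur[0] else "Medium" if new[1] != cur[1] else "Low"

def outdated_rows(ecosystem, raw):
    """Normalize Step 3 JSON to (name, current, latest) tuples."""
    data = json.loads(raw)
    if ecosystem == "Node.js":  # npm outdated --json: object keyed by package name
        return [(n, i.get("current"), i.get("latest")) for n, i in data.items()]
    if ecosystem == "Python":   # pip list --outdated --format json: list of objects
        return [(p["name"], p["version"], p["latest_version"]) for p in data]
    raise ValueError(f"no JSON parser for {ecosystem}")

def vulnerable_names(ecosystem, raw):
    """Names with at least one advisory in Step 2 JSON."""
    data = json.loads(raw)
    if ecosystem == "Node.js":  # npm audit --json: top-level "vulnerabilities" object
        return set(data.get("vulnerabilities", {}))
    if ecosystem == "Python":   # pip-audit --format json: "dependencies" list with "vulns"
        return {d["name"] for d in data.get("dependencies", []) if d.get("vulns")}
    raise ValueError(f"no JSON parser for {ecosystem}")

def categorize(ecosystem, audit_raw, outdated_raw):
    """Return {package: category}; any advisory raises the package to High."""
    rows = outdated_rows(ecosystem, outdated_raw)
    result = {n: c for n, cur, new in rows if (c := lag_category(cur, new))}
    for name in vulnerable_names(ecosystem, audit_raw):
        result[name] = "High"  # Critical needs known-exploit evidence: manual triage
    return result

# Constructed sample output (package names and versions are made up).
NPM_OUTDATED = '{"pkg-major": {"current": "1.4.0", "latest": "3.0.1"}, "pkg-patch": {"current": "2.2.0", "latest": "2.2.5"}, "pkg-missing": {"latest": "1.0.0"}}'
NPM_AUDIT = '{"auditReportVersion": 2, "vulnerabilities": {"pkg-patch": {"severity": "moderate"}}}'

if __name__ == "__main__":
    print(categorize("Node.js", NPM_AUDIT, NPM_OUTDATED))
```

In the sample, pkg-patch is only a patch release behind but carries an advisory, so it is reported as High rather than Low; pkg-missing has no installed version and is surfaced as Unparsed instead of being dropped.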

Output Format

Use templates/dep-report.md

Storage Location

Save to:

docs/research/dependency-audit-{date}.md