Audit project dependencies for security vulnerabilities and updates.
Audits project dependencies for security vulnerabilities, outdated packages, and license issues.
/plugin marketplace add marcel-Ngan/ai-dev-team/plugin install marcel-ngan-ai-dev-team@marcel-Ngan/ai-dev-teamAudit project dependencies for security vulnerabilities and updates.
/deps-audit [scope]
Arguments:
scope - (optional) Audit scope: security, outdated, licenses, all/deps-audit
/deps-audit security
/deps-audit outdated
/deps-audit licenses
/deps-audit all
Analyzes dependencies for:
For vulnerabilities provides:
## Dependency Audit
### Security Vulnerabilities
#### Critical ({count})
| Package | Version | Vulnerability | Fix |
|---------|---------|---------------|-----|
| {pkg} | {ver} | {CVE-XXXX} | Upgrade to {ver} |
**Details:**
- **CVE-XXXX:** {description}
- Severity: Critical
- CVSS: {score}
- Affected: {version range}
- Fix: `npm update {package}` or `yarn upgrade {package}`
#### High ({count})
{Similar format}
### Outdated Packages
| Package | Current | Latest | Type |
|---------|---------|--------|------|
| {pkg} | {current} | {latest} | {major/minor/patch} |
### License Issues
| Package | License | Issue |
|---------|---------|-------|
| {pkg} | {license} | {compatibility concern} |
### Recommendations
1. **Immediate:** {critical fixes}
2. **Soon:** {high priority updates}
3. **Planned:** {routine updates}
### Summary
- Total dependencies: {count}
- Vulnerabilities: {count} ({critical} critical)
- Outdated: {count}
- License issues: {count}
skills/security/dependency-audit/
Use the DevOps Engineer agent when:
/deps-auditYou are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.