From Code Health
Orchestrates dependency audit and update workflow with priority-based updates and verification cycles.
How this skill is triggered — by the user, by Claude, or both
Slash command
/code-health:deps-health-inlineThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
You ARE the orchestrator. Execute this workflow directly without spawning a separate orchestrator agent.
You ARE the orchestrator. Execute this workflow directly without spawning a separate orchestrator agent.
Audit → Validate → Update by Priority → Verify → Repeat if needed
Max iterations: 3 Priorities: critical → high → medium → low
Setup directories:
mkdir -p .tmp/current/{plans,changes,backups}
Validate environment:
package.json existstype-check and build scripts existInitialize TodoWrite:
[
{"content": "Dependency audit", "status": "in_progress", "activeForm": "Auditing dependencies"},
{"content": "Fix critical dependency issues", "status": "pending", "activeForm": "Fixing critical deps"},
{"content": "Fix high priority dependency issues", "status": "pending", "activeForm": "Fixing high deps"},
{"content": "Fix medium priority dependency issues", "status": "pending", "activeForm": "Fixing medium deps"},
{"content": "Fix low priority dependency issues", "status": "pending", "activeForm": "Fixing low deps"},
{"content": "Verification audit", "status": "pending", "activeForm": "Verifying updates"}
]
Invoke dependency-auditor via Task tool:
subagent_type: "dependency-auditor"
description: "Audit all dependencies"
prompt: |
Audit the entire codebase for dependency issues:
- Security vulnerabilities (npm audit / pnpm audit)
- Outdated packages (major/minor/patch)
- Unused dependencies (via Knip)
- Deprecated packages
- License compliance issues
- Categorize by priority (critical/high/medium/low)
Generate: dependency-scan-report.md
Return summary with issue counts per priority.
After dependency-auditor returns:
dependency-scan-report.mdRun inline validation:
pnpm type-check
pnpm build
For each priority (critical → high → medium → low):
Check if issues exist for this priority
Update TodoWrite: mark current priority in_progress
Invoke dependency-updater via Task tool:
subagent_type: "dependency-updater"
description: "Update {priority} dependencies"
prompt: |
Read dependency-scan-report.md and fix all {priority} priority issues.
For each issue:
1. Backup package.json and lockfile
2. Update ONE dependency at a time
3. Run type-check and build after each update
4. If fails, rollback and skip
5. Log change to .tmp/current/changes/deps-changes.json
Generate/update: dependency-updates-implemented.md
Return: count of updated deps, count of failed updates.
Quality Gate (inline):
pnpm type-check
pnpm build
Update TodoWrite: mark priority complete
Repeat for next priority
After all priorities updated:
Update TodoWrite: mark verification in_progress
Invoke dependency-auditor (verification mode):
subagent_type: "dependency-auditor"
description: "Verification audit"
prompt: |
Re-audit dependencies after updates.
Compare with previous dependency-scan-report.md.
Report:
- Issues fixed (count)
- Issues remaining (count)
- New issues introduced (count)
Decision:
Generate summary for user:
## Dependency Health Check Complete
**Iterations**: {count}/3
**Status**: {SUCCESS/PARTIAL}
### Results
- Found: {total} dependency issues
- Fixed: {fixed} ({percentage}%)
- Remaining: {remaining}
### By Priority
- Critical: {fixed}/{total}
- High: {fixed}/{total}
- Medium: {fixed}/{total}
- Low: {fixed}/{total}
### Validation
- Type Check: {status}
- Build: {status}
### Artifacts
- Audit: `dependency-scan-report.md`
- Updates: `dependency-updates-implemented.md`
If quality gate fails:
Rollback available: .tmp/current/changes/deps-changes.json
To rollback:
1. Read changes log
2. Restore package.json and lockfile from .tmp/current/backups/
3. Run pnpm install
4. Re-run workflow
If worker fails:
| Old (Orchestrator Agent) | New (Inline Skill) |
|---|---|
| 9+ orchestrator calls | 0 orchestrator calls |
| ~1400 lines (cmd + agent) | ~150 lines |
| Context reload each call | Single session context |
| Plan files for each phase | Direct execution |
| ~10,000+ tokens overhead | ~500 tokens |
See references/worker-prompts.md for detailed prompts.
npx claudepluginhub jhamidun/claude-code-config-pack --plugin code-healthProvides C# and .NET testing patterns using xUnit, FluentAssertions, NSubstitute, Testcontainers, and WebApplicationFactory for unit and integration tests.