스킬 검색.../

Deps | Skills Pool

스킬 파일

Deps

Analyze, audit, and manage project dependencies. Use when the user says /deps, asks to check dependencies, find outdated packages, audit for vulnerabilities, analyze dependency trees, or clean up unused packages. Triggers: deps, dependencies, outdated, audit, vulnerabilities, upgrade packages, dependency tree, unused packages, npm audit, pip audit.

maggit0 스타2026. 2. 8.

직업
카테고리: CI/CD

스킬 내용

Dependency Manager

Analyze, audit, and manage project dependencies.

Workflow

Detect the package ecosystem:
- package.json → npm/yarn/pnpm
- pyproject.toml / requirements.txt → pip/poetry/uv
- Cargo.toml → cargo
- go.mod → Go modules
- Gemfile → bundler
- pom.xml / build.gradle → Maven/Gradle
Run the requested analysis:

Outdated Dependencies

npm outdated / yarn outdated / pnpm outdated
pip list --outdated
cargo outdated (if installed)
go list -u -m all
Present as a table: package, current, wanted, latest, type (major/minor/patch).

관련 스킬

빠른 설치

Deps

npx skills add maggit/claude-workspace

Skill 다운로드 저장소 열기

작성자: maggit
스타: 0
업데이트: 2026. 2. 8.
직업

이 페이지의 내용

01Dependency Manager 02

Security Audit

npm audit / yarn audit / pnpm audit
pip audit / safety check
cargo audit
govulncheck ./...
Categorize findings by severity (critical, high, medium, low).
For each vulnerability, show: package, severity, description, fix available.

Unused Dependencies

Cross-reference declared dependencies against actual imports in the codebase.
Check devDependencies vs runtime usage.
Flag dependencies that are declared but never imported.

Dependency Tree Analysis

npm ls --all / yarn why <pkg> / pnpm why <pkg>
pipdeptree
Identify duplicate packages at different versions.
Find heavy transitive dependencies.

Upgrade Plan

For major upgrades, generate a plan:

1. Upgrade <package> from v2.x to v3.x
   - Breaking changes: <list from changelog>
   - Required code changes: <files affected>
   - Risk: <low/medium/high>

Present findings with actionable recommendations.

Guidelines

Always show the impact before suggesting upgrades (breaking changes, migration effort).
For security vulnerabilities, prioritize by exploitability and exposure, not just CVSS score.
Suggest pinning strategies: exact versions for apps, ranges for libraries.
Warn about packages that are unmaintained (no commits in >1 year, deprecated).
Don't auto-upgrade — always present the plan and get user confirmation.
Check license compatibility if the user asks or if the project has a LICENSE file.

Workflow

03Outdated Dependencies

04Security Audit

05Unused Dependencies

06Dependency Tree Analysis

소프트웨어 개발자

Github

GitHub operations via `gh` CLI: issues, PRs, CI runs, code review, API queries. Use when: (1) checking PR status or CI, (2) creating/commenting on issues, (3) listing/filtering PRs or issues, (4) viewing run logs. NOT for: complex web UI interactions requiring manual browser flows (use browser tooling when available), bulk operations across many repos (script with gh api), or when gh auth is not configured.

Openclaw Parallels Smoke

End-to-end Parallels smoke, upgrade, and rerun workflow for OpenClaw across macOS, Windows, and Linux guests. Use when Codex needs to run, rerun, debug, or interpret VM-based install, onboarding, gateway smoke tests, latest-release-to-main upgrade checks, fresh snapshot retests, or optional Discord roundtrip verification under Parallels.

Update Screenshots

Download screenshot baselines from the latest CI run and commit them. Use when asked to update, accept, or refresh component screenshot baselines from CI, or after the screenshot-test GitHub Action reports differences. This skill should be run as a subagent.

microsoft184.0k

Azure Pipelines

Use when validating Azure DevOps pipeline changes for the VS Code build. Covers queueing builds, checking build status, viewing logs, and iterating on pipeline YAML changes without waiting for full CI runs.

microsoft184.0k

Agent Sort

Build an evidence-backed ECC install plan for a specific repo by sorting skills, commands, rules, hooks, and extras into DAILY vs LIBRARY buckets using parallel repo-aware review passes. Use when ECC should be trimmed to what a project actually needs instead of loading the full bundle.

Deployment Patterns

Deployment workflows, CI/CD pipeline patterns, Docker containerization, health checks, rollback strategies, and production readiness checklists for web applications. Use when setting up deployment infrastructure or planning releases.

소프트웨어 개발자