Which package managers does this skill support?

The Dependency Health & Security Checker supports npm (JavaScript/TypeScript), pip (Python), composer (PHP), gem (Ruby), and Go modules.

When is the best time to run a dependency check?

It is recommended to run a check during initial project setup, before any production deployment, and on a regular weekly basis to catch newly discovered CVEs.

Do I need to manually specify my package manager?

No, the skill automatically detects the package manager by looking for manifest files like package.json, requirements.txt, or go.mod.

Can this skill automatically fix security vulnerabilities?

The skill identifies vulnerabilities and suggests the specific versions required for a fix. You can then instruct Claude to apply those updates to your manifest files.

Does it check for legal risks in dependencies?

Yes, it includes a license compliance check to identify dependencies that might have restrictive or incompatible licenses for your project type.

Dependency Health & Security Checker

Name: Dependency Health & Security Checker
Author: jeremylongshore

byjeremylongshore

•

884

Security & Testing

Analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance across multiple programming languages.

About

This skill empowers Claude to proactively manage project health by scanning manifest files for known security vulnerabilities (CVEs), identifying outdated packages, and ensuring license compliance. By integrating with the dependency-checker plugin, it provides automated detection for popular package managers including npm, pip, composer, gem, and Go modules. It generates comprehensive reports that include severity levels and remediation advice, helping developers maintain a secure, high-performance, and legally compliant codebase without manual auditing.

Key Features

License compliance auditing for third-party dependencies
884 GitHub stars
Multi-language support for npm, pip, composer, gem, and Go
Automated CVE vulnerability scanning against global databases
Identification of outdated packages with version update suggestions
Actionable remediation reports for quick security fixes

Use Cases

Regularly scanning for outdated dependencies to maintain system performance
Auditing project licenses to ensure legal compatibility with open-source requirements
Performing pre-deployment security audits to prevent shipping vulnerable code

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills dependency-checker

For use in Claude.ai and ChatGPT

Download Skill

GitHub