Audits project dependencies for known CVEs and security vulnerabilities across multiple package ecosystems.
The check-deps skill provides a comprehensive security scanning solution for your software supply chain directly within Claude Code. It automatically detects and analyzes dependencies for known vulnerabilities (CVEs) across popular ecosystems including npm, Python (pip), .NET, and Rust (Cargo). By providing detailed risk assessments, CVSS scores, and prioritized remediation plans, this skill empowers developers to proactively secure their applications and address transitive dependency risks before they can be exploited.
Key Features
01Detailed CVE reporting with CVSS severity scores
02Direct vs. transitive dependency path analysis
03Multi-ecosystem support for npm, pip, .NET, and Cargo
04Actionable remediation and upgrade recommendations
0538 GitHub stars
06Supply chain risk detection for abandoned or malicious packages
Use Cases
01Identifying and fixing transitive vulnerabilities in complex software stacks
02Generating security compliance reports for package management
03Performing a security audit on legacy projects with outdated dependencies
