dependency-audit
SKILL.md
Dependency Audit Skill
Overview
Run dependency vulnerability checks using native package manager audit tools.
Supported Ecosystems
| Ecosystem | Tool | Auto-fix |
|---|---|---|
| npm/yarn/pnpm/bun | npm audit / yarn audit | Yes |
| PHP/Composer | composer audit | Manual |
| Python/pip | pip-audit / safety check | Manual |
| Rust/Cargo | cargo audit | Yes |
| Go | govulncheck ./... | Manual |
| Swift/CocoaPods | pod audit | Manual |
| Ruby/Bundler | bundle audit | Manual |
Workflow
- Detect package manager from lock files
- Run appropriate audit command
- Parse output for vulnerabilities
- Classify by severity (CRITICAL/HIGH/MEDIUM/LOW)
- Suggest fix versions or alternatives
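The workflow above, sketched in Python as an added example (not code from the fusengine/agents repository). The lock-file names, the function names and the handling of unknown severities are assumptions of this example; the report layout is the one `npm audit --json` emits from npm 7 onward.

```python
import json
from pathlib import Path

# Lock file -> audit command from the table above. File names are the
# ecosystems' conventional ones (chosen for this example, not from the page).
LOCKFILES = {
    "package-lock.json": ["npm", "audit", "--json"],
    "yarn.lock": ["yarn", "audit"],
    "composer.lock": ["composer", "audit"],
    "Cargo.lock": ["cargo", "audit"],
    "go.sum": ["govulncheck", "./..."],
    "Gemfile.lock": ["bundle", "audit"],
}
# npm says "moderate" where the skill says MEDIUM; "info" folds into LOW (assumption).
NPM_LEVELS = {"critical": "CRITICAL", "high": "HIGH", "moderate": "MEDIUM",
              "low": "LOW", "info": "LOW"}

def detect(project_dir):
    """Return {lock file: audit command} for each lock file present."""
    root = Path(project_dir)
    return {n: cmd for n, cmd in LOCKFILES.items() if (root / n).is_file()}

def classify_npm(report_text):
    """Bucket `npm audit --json` (npm 7+ layout) findings by severity."""
    buckets = {lvl: [] for lvl in ("CRITICAL", "HIGH", "MEDIUM", "LOW")}
    for name, vuln in json.loads(report_text).get("vulnerabilities", {}).items():
        # Unknown labels fail closed into CRITICAL rather than being dropped.
        level = NPM_LEVELS.get(vuln.get("severity"), "CRITICAL")
        fix = vuln.get("fixAvailable", False)
        if isinstance(fix, dict):  # object form: package and version npm would install
            hint = f"{fix['name']}@{fix['version']}"
            if fix.get("isSemVerMajor"):
                hint += " (major bump, review manually)"
        else:
            hint = "npm audit fix" if fix else "no fix available"
        buckets[level].append((name, hint))
    return buckets

# Constructed sample report, not output from a real project.
SAMPLE = json.dumps({"vulnerabilities": {
    "pkg-a": {"severity": "moderate", "fixAvailable": True},
    "pkg-b": {"severity": "critical", "fixAvailable":
              {"name": "pkg-parent", "version": "2.0.0", "isSemVerMajor": True}},
    "pkg-c": {"severity": "low", "fixAvailable": False},
}})

if __name__ == "__main__":
    for level, items in classify_npm(SAMPLE).items():
        print(level, items)
```

When feeding real output to `classify_npm`, read stdout even on a non-zero exit: `npm audit` exits non-zero when it finds vulnerabilities.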
Auto-Fix Support
When the --fix flag is used:
- npm audit fix for safe updates
- cargo audit fix for Rust
- Manual guidance for other ecosystems
Repository
fusengine/agents
First Seen
Feb 28, 2026