audit-deps
Dependency Audit
Commands
Run in parallel:
npm audit
npm outdated
Workflow
- Run audit and outdated check in parallel
- Report critical vulnerabilities with CVE + fix command (see severity-levels.md)
- List outdated packages: table of package/current/latest/type (major vs minor/patch)
- Check for unused deps: grep imports in src/
Rules
- Never use npx directly
- Focus on actionable items
- Prioritize: security > major updates > unused > minor updates
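An added example, not part of this skill, of the reporting steps in the Workflow and the ordering in the Rules: it turns parsed `npm audit --json` and `npm outdated --json` output into one prioritized list. The package names, advisory URL and function names are constructed for illustration, the example reports the advisory URLs found in each entry's `via` list, and the unused-dependency check is not covered.

```javascript
// Constructed sample of `npm audit --json` output (npm 7+ report shape, trimmed).
const auditSample = { vulnerabilities: {
  "example-parser": {
    name: "example-parser", severity: "critical",
    via: [{ title: "Constructed advisory", url: "https://example.invalid/advisory-1" }],
    fixAvailable: { name: "example-parser", version: "3.0.0", isSemVerMajor: true },
  },
  "example-util": {
    name: "example-util", severity: "low",
    via: ["example-parser"], // a string entry means "affected through this package"
    fixAvailable: true,
  },
} };
// Constructed sample of `npm outdated --json` output.
const outdatedSample = {
  "example-fmt": { current: "1.2.0", wanted: "1.2.5", latest: "1.2.5" },
  "example-parser": { current: "2.4.1", wanted: "2.4.1", latest: "3.0.0" },
  "example-missing": { wanted: "1.0.0", latest: "1.0.0" }, // not installed: no `current`
};

// "major" when the leading version number changes, otherwise "minor/patch".
function updateType(current, latest) {
  if (!current) return "not installed";
  const major = (v) => parseInt(String(v).split(".")[0], 10);
  return major(current) !== major(latest) ? "major" : "minor/patch";
}

// Fix command for one audit entry; a semver-major fix is pinned explicitly.
function fixCommand(v) {
  if (!v.fixAvailable) return "no fix available";
  if (v.fixAvailable === true || !v.fixAvailable.isSemVerMajor) return "npm audit fix";
  return `npm install ${v.fixAvailable.name}@${v.fixAvailable.version}`;
}

// Ordering from the Rules: security first, then major updates, then the rest.
function buildReport(audit, outdated) {
  const rank = { critical: 0, high: 1, moderate: 2, low: 3, info: 4 };
  const security = Object.values(audit.vulnerabilities || {})
    .sort((a, b) => rank[a.severity] - rank[b.severity])
    .map((v) => ({
      kind: "security", pkg: v.name, severity: v.severity, fix: fixCommand(v),
      advisories: v.via.filter((x) => typeof x === "object").map((x) => x.url),
    }));
  const updates = Object.entries(outdated || {})
    .map(([pkg, o]) => ({ kind: "update", pkg, current: o.current, latest: o.latest,
      type: updateType(o.current, o.latest) }))
    .sort((a, b) => (b.type === "major") - (a.type === "major"));
  return [...security, ...updates];
}
```

Both `npm audit` and `npm outdated` exit non-zero when they have findings, so a caller should parse the JSON on stdout before treating a non-zero exit as a failed run.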
Error Handling
- If npm audit fails → run npm install first to generate package-lock.json, then retry
- If npm outdated returns nothing → report all dependencies are current
- If npm is not found → report incompatibility; this skill requires npm