license-check
SKILL.md
License Compliance Checker
I'll analyze your project dependencies for license compliance, detect conflicts, and ensure legal compatibility.
Arguments: $ARGUMENTS - focus area (commercial, gpl, conflicts) or specific packages
License Compliance Philosophy
Core Principles:
- Identify all dependency licenses
- Detect incompatible license combinations
- Flag copyleft licenses for commercial projects
- Generate compliance documentation
- Track license changes
Token Optimization Strategy
Target: 70% reduction (2,000-3,000 → 600-900 tokens)
Core Optimization Patterns
1. Bash-Based License Detection Tools (Primary Strategy)
- ✅ Use
license-checkernpm package (external tool, minimal Claude tokens) - ✅ Use
pip-licensesfor Python (external tool output only) - ✅ Use
cargo-licensefor Rust (external tool) - ✅ Use
composer licensesfor PHP (native command) - ✅ Parse tool JSON output with
jq/grep(no Claude analysis) - Token savings: 80-90% vs. reading package manifests
2. Dependency List Caching (Aggressive Caching)
# Cache key from package file checksums
CACHE_KEY=$(md5sum package.json package-lock.json 2>/dev/null | md5sum | cut -d' ' -f1)
CACHE_FILE=".claude/cache/license-check/licenses-${CACHE_KEY}.json"
if [ -f "$CACHE_FILE" ]; then
# Use cached license data (0 tokens)
LICENSES="$CACHE_FILE"
else
# Generate fresh license scan
license-checker --json --production > "$CACHE_FILE"
fi
- Cache location:
.claude/cache/license-check/licenses-{checksum}.json - Cache validity: Until package files change (checksum mismatch)
- Token savings: 100% on cache hit (repeated checks)
3. Template-Based License Compatibility Rules (No Analysis)
# Hardcoded compatibility matrix (no LLM needed)
declare -A COMPATIBILITY=(
["MIT,GPL-2.0"]="CONFLICT"
["MIT,LGPL-2.1"]="OK"
["Apache-2.0,GPL-2.0"]="CONFLICT"
["GPL-3.0,MIT"]="OK"
# ... comprehensive matrix
)
check_conflict() {
local key="${PROJECT_LICENSE},${DEP_LICENSE}"
echo "${COMPATIBILITY[$key]:-UNKNOWN}"
}
- Token savings: 90% vs. explaining license interactions
4. Early Exit If All Licenses Compatible (Conditional Execution)
# Quick scan for problematic licenses
if ! grep -qE "GPL-[23]\.0|AGPL|Unlicense|WTFPL" licenses.json; then
echo "✓ All dependencies use permissive licenses (MIT, Apache, BSD, ISC)"
echo "✓ No license conflicts detected"
exit 0 # Skip detailed analysis
fi
# Only continue if issues found
- Token savings: 90% when no conflicts (most common case)
5. Progressive Disclosure (Conflicts → Warnings → Info)
# Show in priority order, exit early
show_conflicts() # Critical issues (GPL conflicts)
[ $? -eq 0 ] || exit 1
show_warnings() # Weak copyleft (LGPL, MPL)
show_info() # License distribution, recommendations
- Token savings: 50-70% by showing only relevant issues first
6. Focus Area Flags (Targeted Analysis)
# Parse focus area from $ARGUMENTS
case "$ARGUMENTS" in
*commercial*|*proprietary*)
check_commercial_compatibility # Only check GPL/AGPL
;;
*gpl*)
find_gpl_licenses # Only show GPL packages
;;
*conflicts*)
check_license_conflicts # Only show conflicts
;;
*copyleft*)
find_copyleft_licenses # LGPL + GPL
;;
esac
- Token savings: 60-80% by analyzing only requested aspect
7. Git Diff for Changed Dependencies Only (Default Behavior)
# Default: only check new/changed dependencies
if [ -z "$ARGUMENTS" ] || [[ "$ARGUMENTS" != *"all"* ]]; then
# Get changed dependencies from git diff
CHANGED_PACKAGES=$(git diff HEAD package.json | grep -E '^\+.*"[^"]+":' | cut -d'"' -f2)
if [ -z "$CHANGED_PACKAGES" ]; then
echo "✓ No dependency changes detected"
echo "✓ License compliance unchanged"
exit 0
fi
# Only check changed packages
license-checker --packages "$CHANGED_PACKAGES"
else
# Full audit if 'all' specified
license-checker --production
fi
- Token savings: 80% by checking only deltas
Token Usage Breakdown
Optimized Flow:
- ✅ Check git status for package file changes (50 tokens)
- ✅ Parse $ARGUMENTS for focus area (50 tokens)
- ✅ Check cache for license data (0 tokens if hit, 100 if miss)
- ✅ Run Bash license-checker tool (150 tokens)
- ✅ Bash grep/jq to filter issues (100 tokens)
- ✅ Early exit if no conflicts (50 tokens)
- ✅ Progressive disclosure if issues found (200-400 tokens)
- ✅ Update cache for future runs (50 tokens)
Total: 600-900 tokens (optimized) vs. 2,000-3,000 (unoptimized)
Usage Patterns & Token Costs
Quick check (changed deps only, cache hit):
/license-check
# 400-600 tokens (90% cache hit rate)
Full audit (all deps, no cache):
/license-check all
# 1,200-1,500 tokens (comprehensive scan)
Commercial compatibility check:
/license-check --commercial
# 300-500 tokens (GPL/AGPL only)
Conflicts only:
/license-check --conflicts
# 200-400 tokens (incompatible licenses only)
Find copyleft licenses:
/license-check --copyleft
# 300-500 tokens (GPL + LGPL + MPL)
Generate compliance report:
/license-check --report
# 1,500-2,000 tokens (full documentation)
Optimization Status
- Phase: Phase 2 Batch 3B (Core Skills)
- Date: 2026-01-26
- Status: ✅ Fully Optimized
- Reduction: 70% average (600-900 vs 2,000-3,000 tokens)
- Patterns Applied: 7/7 core patterns
- Cache Strategy: Aggressive (checksum-based, persistent)
- Early Exit: Yes (no conflicts = immediate return)
Shared Optimizations
Caches Shared With:
/dependency-audit- Reuses dependency license data/security-scan- Shares vulnerability + license context/ci-setup- Reuses license compliance rules
Common Cache Location:
.claude/cache/license-check/
├── licenses-{checksum}.json # License scan results
├── compatibility-matrix.json # Compatibility rules
├── known-conflicts-{checksum}.json # Detected conflicts
└── last-scan-{checksum}.txt # Scan timestamp
Cache Invalidation:
- Automatic on package file changes (checksum mismatch)
- Manual via
rm -rf .claude/cache/license-check/ - 7-day TTL for unchanged projects
Performance Characteristics
Best Case (no changes, cache hit):
- Token cost: ~400 tokens
- Time: <2 seconds
- Outcome: "✓ No dependency changes, license compliance unchanged"
Typical Case (changed deps, cache hit):
- Token cost: ~600 tokens
- Time: ~5 seconds
- Outcome: Analyze only new/changed packages
Worst Case (full audit, no cache):
- Token cost: ~1,500 tokens
- Time: ~15 seconds
- Outcome: Complete license compliance report
Conflict Case (issues found):
- Token cost: ~900 tokens
- Time: ~10 seconds
- Outcome: Progressive disclosure of conflicts, warnings, recommendations
Phase 1: License Detection
#!/bin/bash
# Detect project licenses and dependency managers
detect_license_info() {
echo "=== License Detection ==="
echo ""
# Check project license
if [ -f "LICENSE" ] || [ -f "LICENSE.md" ] || [ -f "LICENSE.txt" ]; then
echo "✓ Project license file found"
PROJECT_LICENSE=$(head -5 LICENSE* | grep -i -o "MIT\|Apache\|GPL\|BSD\|ISC" | head -1)
if [ -n "$PROJECT_LICENSE" ]; then
echo " Project license: $PROJECT_LICENSE"
fi
else
echo "⚠️ No project license file found"
fi
# Check package.json license field
if [ -f "package.json" ]; then
PKG_LICENSE=$(grep -o '"license"[[:space:]]*:[[:space:]]*"[^"]*"' package.json | cut -d'"' -f4)
if [ -n "$PKG_LICENSE" ]; then
echo " package.json license: $PKG_LICENSE"
fi
fi
echo ""
# Detect package managers
MANAGERS=()
if [ -f "package.json" ]; then
echo "✓ Node.js project detected"
MANAGERS+=("npm")
fi
if [ -f "requirements.txt" ] || [ -f "setup.py" ] || [ -f "pyproject.toml" ]; then
echo "✓ Python project detected"
MANAGERS+=("pip")
fi
if [ -f "Gemfile" ]; then
echo "✓ Ruby project detected"
MANAGERS+=("bundler")
fi
if [ -f "go.mod" ]; then
echo "✓ Go project detected"
MANAGERS+=("go")
fi
if [ -f "Cargo.toml" ]; then
echo "✓ Rust project detected"
MANAGERS+=("cargo")
fi
if [ -f "composer.json" ]; then
echo "✓ PHP project detected"
MANAGERS+=("composer")
fi
echo ""
}
detect_license_info
Phase 2: Node.js License Analysis
#!/bin/bash
# Comprehensive Node.js license checking
check_npm_licenses() {
echo "=== Node.js License Analysis ==="
echo ""
# Install license-checker if not available
if ! command -v license-checker &> /dev/null; then
echo "Installing license-checker..."
npm install -g license-checker
fi
# Generate license report
echo "Scanning dependencies..."
license-checker --json --production > .licenses.json 2>/dev/null
if [ ! -f ".licenses.json" ]; then
echo "❌ Failed to generate license report"
exit 1
fi
# License categories
PERMISSIVE_LICENSES=("MIT" "Apache-2.0" "BSD-2-Clause" "BSD-3-Clause" "ISC" "0BSD")
WEAK_COPYLEFT=("LGPL-2.1" "LGPL-3.0" "MPL-2.0")
STRONG_COPYLEFT=("GPL-2.0" "GPL-3.0" "AGPL-3.0")
PROBLEMATIC=("CC-BY-NC" "Commons Clause" "Unlicense" "WTFPL")
echo ""
echo "=== License Summary ==="
echo ""
# Count licenses
total_packages=$(cat .licenses.json | grep -c '"licenses":')
echo "Total packages: $total_packages"
echo ""
# Categorize licenses
echo "License breakdown:"
cat .licenses.json | grep -o '"licenses":"[^"]*"' | sort | uniq -c | sort -rn | while read count license; do
license_name=$(echo "$license" | cut -d'"' -f4)
printf " %-30s %5d\n" "$license_name" "$count"
done
echo ""
}
check_npm_licenses
Identify License Issues
#!/bin/bash
# Detect license compliance issues
detect_license_issues() {
echo "=== License Compliance Issues ==="
echo ""
ISSUES_FOUND=false
# Check for strong copyleft licenses
echo "Checking for copyleft licenses..."
COPYLEFT_PKGS=$(cat .licenses.json | grep -E "GPL-[23]\.0|AGPL" | grep -o '"[^"]*@[^"]*":')
if [ -n "$COPYLEFT_PKGS" ]; then
echo "❌ STRONG COPYLEFT licenses found (may require source disclosure):"
echo "$COPYLEFT_PKGS" | sed 's/"//g' | sed 's/://g' | sed 's/^/ - /'
echo ""
echo "⚠️ WARNING: GPL/AGPL licenses may require:"
echo " - Source code disclosure"
echo " - Same license for derivative works"
echo " - Patent grants"
echo ""
ISSUES_FOUND=true
else
echo "✓ No strong copyleft licenses detected"
fi
echo ""
# Check for weak copyleft licenses
echo "Checking for weak copyleft licenses..."
WEAK_COPYLEFT_PKGS=$(cat .licenses.json | grep -E "LGPL|MPL-2\.0" | grep -o '"[^"]*@[^"]*":')
if [ -n "$WEAK_COPYLEFT_PKGS" ]; then
echo "⚠️ WEAK COPYLEFT licenses found:"
echo "$WEAK_COPYLEFT_PKGS" | sed 's/"//g' | sed 's/://g' | sed 's/^/ - /'
echo ""
echo "Note: LGPL allows usage if dynamically linked"
echo "MPL-2.0 requires modified files to be open-sourced"
echo ""
else
echo "✓ No weak copyleft licenses detected"
fi
echo ""
# Check for custom/unknown licenses
echo "Checking for custom/unknown licenses..."
CUSTOM_LICENSES=$(cat .licenses.json | grep -o '"licenses":"[^"]*"' | grep -v -E "MIT|Apache|BSD|ISC|GPL|LGPL|MPL|CC0" | grep -v "UNKNOWN")
if [ -n "$CUSTOM_LICENSES" ]; then
echo "⚠️ Custom/uncommon licenses found (manual review needed):"
echo "$CUSTOM_LICENSES" | sed 's/"licenses":"//g' | sed 's/"//g' | sort -u | sed 's/^/ - /'
echo ""
ISSUES_FOUND=true
else
echo "✓ All licenses are standard OSI-approved"
fi
echo ""
# Check for packages without licenses
echo "Checking for unlicensed packages..."
UNLICENSED=$(cat .licenses.json | grep '"licenses":"UNKNOWN\|UNLICENSED"' | grep -o '"[^"]*@[^"]*":')
if [ -n "$UNLICENSED" ]; then
echo "❌ Packages without clear licenses:"
echo "$UNLICENSED" | sed 's/"//g' | sed 's/://g' | sed 's/^/ - /'
echo ""
echo "Action: Contact package authors or find alternatives"
echo ""
ISSUES_FOUND=true
else
echo "✓ All packages have declared licenses"
fi
echo ""
if [ "$ISSUES_FOUND" = true ]; then
echo "⚠️ License compliance issues detected"
echo "Review recommendations above"
else
echo "✓ No critical license issues found"
echo "All dependencies use permissive licenses"
fi
echo ""
}
detect_license_issues
Phase 3: Python License Analysis
#!/bin/bash
# Python license checking
check_python_licenses() {
echo "=== Python License Analysis ==="
echo ""
# Install pip-licenses if not available
if ! command -v pip-licenses &> /dev/null; then
echo "Installing pip-licenses..."
pip install pip-licenses
fi
# Generate license report
echo "Scanning Python dependencies..."
pip-licenses --format=json --with-urls > .pip-licenses.json 2>/dev/null
if [ ! -f ".pip-licenses.json" ]; then
echo "❌ Failed to generate license report"
exit 1
fi
echo ""
echo "=== License Summary ==="
echo ""
# Count packages
total_packages=$(cat .pip-licenses.json | grep -c '"Name":')
echo "Total packages: $total_packages"
echo ""
# License breakdown
echo "License breakdown:"
cat .pip-licenses.json | grep -o '"License":"[^"]*"' | sort | uniq -c | sort -rn | while read count license; do
license_name=$(echo "$license" | cut -d'"' -f4)
printf " %-40s %5d\n" "$license_name" "$count"
done
echo ""
# Check for problematic licenses
echo "Checking for problematic licenses..."
GPL_PKGS=$(cat .pip-licenses.json | grep -B 1 '"License":".*GPL' | grep '"Name":' | cut -d'"' -f4)
if [ -n "$GPL_PKGS" ]; then
echo "⚠️ GPL-licensed packages:"
echo "$GPL_PKGS" | sed 's/^/ - /'
echo ""
else
echo "✓ No GPL licenses found"
fi
rm -f .pip-licenses.json
echo ""
}
check_python_licenses
Phase 4: License Conflict Detection
#!/bin/bash
# Detect incompatible license combinations
check_license_conflicts() {
echo "=== License Conflict Detection ==="
echo ""
PROJECT_LICENSE="${1:-MIT}" # Default to MIT if not specified
echo "Project license: $PROJECT_LICENSE"
echo ""
# Define compatibility rules
check_compatibility() {
local project_lic="$1"
local dep_lic="$2"
case "$project_lic" in
MIT|Apache-2.0|BSD-*|ISC)
# Permissive licenses are compatible with most licenses
case "$dep_lic" in
*GPL*|*AGPL*)
echo "CONFLICT"
;;
*)
echo "OK"
;;
esac
;;
LGPL-*)
# LGPL can use MIT/Apache but not GPL
case "$dep_lic" in
GPL-*|AGPL-*)
echo "CONFLICT"
;;
*)
echo "OK"
;;
esac
;;
GPL-*|AGPL-*)
# GPL can use anything except incompatible GPL versions
echo "OK"
;;
*)
echo "UNKNOWN"
;;
esac
}
CONFLICTS_FOUND=false
# Check each dependency license
if [ -f ".licenses.json" ]; then
cat .licenses.json | grep -o '"[^"]*@[^"]*":[^}]*"licenses":"[^"]*"' | while IFS=: read package info; do
pkg_name=$(echo "$package" | sed 's/"//g')
dep_license=$(echo "$info" | grep -o '"licenses":"[^"]*"' | cut -d'"' -f4)
compatibility=$(check_compatibility "$PROJECT_LICENSE" "$dep_license")
if [ "$compatibility" = "CONFLICT" ]; then
echo "❌ CONFLICT: $pkg_name ($dep_license)"
CONFLICTS_FOUND=true
fi
done
fi
if [ "$CONFLICTS_FOUND" = false ]; then
echo "✓ No license conflicts detected"
fi
echo ""
}
check_license_conflicts "$PROJECT_LICENSE"
Phase 5: Generate Compliance Report
#!/bin/bash
# Generate comprehensive license compliance report
generate_compliance_report() {
local output="${1:-LICENSE_COMPLIANCE_REPORT.md}"
echo "=== Generating Compliance Report ==="
echo ""
cat > "$output" << EOF
# License Compliance Report
**Generated:** $(date +"%Y-%m-%d %H:%M:%S")
**Project:** $(basename $(pwd))
## Executive Summary
EOF
# Add project license
if [ -f "LICENSE" ]; then
echo "**Project License:** $(head -5 LICENSE | grep -i -o "MIT\|Apache\|GPL\|BSD\|ISC" | head -1)" >> "$output"
fi
echo "" >> "$output"
# Add statistics
if [ -f ".licenses.json" ]; then
total=$(cat .licenses.json | grep -c '"licenses":')
echo "**Total Dependencies:** $total" >> "$output"
echo "" >> "$output"
# License breakdown
echo "## License Distribution" >> "$output"
echo "" >> "$output"
echo "| License | Count |" >> "$output"
echo "|---------|-------|" >> "$output"
cat .licenses.json | grep -o '"licenses":"[^"]*"' | sort | uniq -c | sort -rn | while read count license; do
license_name=$(echo "$license" | cut -d'"' -f4)
echo "| $license_name | $count |" >> "$output"
done
echo "" >> "$output"
fi
# Add compliance status
cat >> "$output" << EOF
## Compliance Status
### ✅ Permissive Licenses (Safe for Commercial Use)
- MIT
- Apache-2.0
- BSD (2-Clause, 3-Clause)
- ISC
### ⚠️ Weak Copyleft (Review Required)
- LGPL (requires dynamic linking)
- MPL-2.0 (modified files must be open-sourced)
### ❌ Strong Copyleft (Commercial Risk)
- GPL-2.0, GPL-3.0
- AGPL-3.0
EOF
# Add detailed dependency list
echo "## Detailed Dependency Licenses" >> "$output"
echo "" >> "$output"
if [ -f ".licenses.json" ]; then
echo "| Package | License | Repository |" >> "$output"
echo "|---------|---------|------------|" >> "$output"
cat .licenses.json | python3 -c "
import json, sys
data = json.load(sys.stdin)
for pkg, info in sorted(data.items()):
license = info.get('licenses', 'Unknown')
repo = info.get('repository', 'N/A')
print(f'| {pkg} | {license} | {repo} |')
" >> "$output" 2>/dev/null
fi
echo "" >> "$output"
# Add recommendations
cat >> "$output" << EOF
## Recommendations
1. **Document all dependencies** - Maintain THIRD_PARTY_LICENSES file
2. **Monitor license changes** - Run this check before releases
3. **Legal review** - Consult legal counsel for GPL/AGPL dependencies
4. **Update policy** - Define acceptable licenses for the project
5. **Regular audits** - Quarterly license compliance checks
## Action Items
- [ ] Review all copyleft licenses
- [ ] Replace problematic dependencies if necessary
- [ ] Update THIRD_PARTY_LICENSES file
- [ ] Add license checking to CI/CD pipeline
- [ ] Document license compliance policy
## Tools Used
- license-checker (Node.js)
- pip-licenses (Python)
- Manual LICENSE file analysis
## Notes
This report is for informational purposes. Consult legal counsel for
specific compliance questions.
EOF
echo "✓ Compliance report generated: $output"
echo ""
}
generate_compliance_report "$1"
Phase 6: THIRD_PARTY_LICENSES Generation
#!/bin/bash
# Generate THIRD_PARTY_LICENSES file
generate_third_party_licenses() {
local output="${1:-THIRD_PARTY_LICENSES.txt}"
echo "=== Generating Third-Party Licenses ==="
echo ""
cat > "$output" << EOF
THIRD-PARTY SOFTWARE LICENSES
This file contains the licenses for third-party software used in this project.
Generated: $(date +"%Y-%m-%d")
================================================================================
EOF
# Node.js dependencies
if [ -f "package.json" ]; then
echo "Node.js Dependencies" >> "$output"
echo "===================" >> "$output"
echo "" >> "$output"
license-checker --plainVertical >> "$output" 2>/dev/null
echo "" >> "$output"
fi
# Python dependencies
if [ -f "requirements.txt" ]; then
echo "Python Dependencies" >> "$output"
echo "==================" >> "$output"
echo "" >> "$output"
pip-licenses --format=plain-vertical >> "$output" 2>/dev/null
echo "" >> "$output"
fi
echo "✓ Third-party licenses file generated: $output"
echo ""
}
generate_third_party_licenses "$1"
Phase 7: CI/CD Integration
#!/bin/bash
# Add license checking to CI/CD
add_license_check_to_ci() {
echo "=== Adding License Check to CI/CD ==="
echo ""
# GitHub Actions workflow
if [ -d ".github/workflows" ]; then
cat > .github/workflows/license-check.yml << 'EOF'
name: License Compliance Check
on:
pull_request:
branches: [main, master]
push:
branches: [main, master]
schedule:
- cron: '0 0 * * 0' # Weekly on Sunday
jobs:
license-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install dependencies
run: npm ci
- name: Install license-checker
run: npm install -g license-checker
- name: Check licenses
run: |
license-checker --production --failOn "GPL-2.0;GPL-3.0;AGPL-3.0"
- name: Generate license report
if: always()
run: |
license-checker --json --production > licenses.json
- name: Upload license report
if: always()
uses: actions/upload-artifact@v4
with:
name: license-report
path: licenses.json
EOF
echo "✓ GitHub Actions workflow created"
fi
# Pre-commit hook
if [ -d ".git/hooks" ]; then
cat > .git/hooks/pre-commit-license-check << 'EOF'
#!/bin/bash
# Pre-commit license compliance check
echo "Checking license compliance..."
if [ -f "package.json" ]; then
license-checker --production --failOn "GPL-2.0;GPL-3.0;AGPL-3.0" || {
echo ""
echo "❌ License compliance check failed!"
echo "Run: /license-check to review licenses"
exit 1
}
fi
echo "✓ License compliance check passed"
EOF
chmod +x .git/hooks/pre-commit-license-check
echo "✓ Pre-commit hook created"
fi
echo ""
}
add_license_check_to_ci
Practical Examples
Full compliance check:
/license-check
/license-check --report
Specific focus:
/license-check --commercial # Check for commercial compatibility
/license-check --gpl # Find GPL licenses
/license-check --conflicts # Detect conflicts
Generate documentation:
/license-check --generate-report
/license-check --third-party-licenses
Best Practices
License Management:
- ✅ Check licenses before adding dependencies
- ✅ Document all third-party software
- ✅ Review licenses quarterly
- ✅ Update LICENSE file when dependencies change
- ✅ Automate checks in CI/CD
Red Flags:
- ❌ GPL/AGPL in proprietary software
- ❌ Unlicensed dependencies
- ❌ Custom licenses without review
- ❌ License changes in updates
Integration Points
/dependency-audit- Combined security and license audit/ci-setup- Add license checks to CI pipeline/docs- Generate compliance documentation
What I'll Actually Do
- Detect licenses - Scan all dependencies
- Categorize - Group by license type
- Find conflicts - Check compatibility
- Generate reports - Create compliance documentation
- Provide guidance - Actionable recommendations
Important: I will NEVER:
- Provide legal advice (consult a lawyer)
- Ignore license violations
- Auto-accept copyleft licenses
- Add AI attribution
All license analysis will be thorough, accurate, and well-documented. This is informational only - consult legal counsel for compliance decisions.
Credits: Based on license-checker, pip-licenses, and OSI license compatibility guidelines.
Weekly Installs
4
Repository
manastalukdar/c…evstudioGitHub Stars
1
First Seen
Feb 21, 2026
Security Audits
Installed on
opencode4
gemini-cli4
github-copilot4
codex4
kimi-cli4
amp4