Vulnerable and Outdated Components Analysis

Analyze project dependencies for known vulnerabilities (CVEs), abandoned packages, unpinned versions, typosquatting risks, and excessive transitive dependency chains. This skill heavily relies on external scanners for CVE detection and uses Claude analysis for configuration hygiene, supply chain risks, and contextual assessment.

Supported Flags

Read ../../shared/schemas/flags.md for full flag documentation. This skill supports all cross-cutting flags.

Key flags for this skill: