npm-vulnerability-analysis
Installation
SKILL.md
NPM Vulnerability Analysis Skill
Prerequisites
- WebSearch tool available
- Internet connection
- Node.js environment (version 22 or higher)
Input
User provides:
- Package Name (required): The name of the npm package to analyze (e.g., "lodash", "fastify")
- Version Range (optional): Specific versions or version range to analyze.
- English: "4.17.10-4.17.21", "latest 10"
- Chinese: "最新 10" (latest 10), "4.17.10 到 4.17.21" (4.17.10 to 4.17.21)
- Defaults to "latest 10"
- Generate Report (optional): Whether to generate a detailed markdown, CSV, and HTML report, defaults to true.
- Report Output Path (optional): Directory path to save the generated report files (Markdown, CSV, HTML). Defaults to the
reportsdirectory in the project root (automatically created if missing).