review-deps
Review Deps
Cross-Platform AI Agent Skill This skill works with any AI agent platform that supports the skills.sh standard.
Dependency Review
Comprehensive dependency audit covering vulnerability scanning, license compliance, and staleness analysis. This skill performs analysis only — it identifies risks and recommends upgrades without modifying code or lock files.
Anti-Hallucination Guidelines
CRITICAL: Dependency reviews must be based on ACTUAL tool output and VERIFIED data:
- Run before claiming — Never report vulnerabilities without running the actual audit tool
- Evidence-based findings — Every finding must reference specific package names and versions
- No invented CVEs — Only reference CVE/GHSA identifiers returned by audit tools or Dependabot
- Tool output required — Copy exact output from audit commands as evidence
- Quantifiable results — Count actual issues from tool output, do not estimate
- No false positives — Verify each finding against actual installed versions
- Version accuracy — Report exact installed version and exact fix version from tool output
More from mgiovani/cc-arsenal
find-skills
Discover and install third-party agent skills from the skills.sh ecosystem.
36agent-browser
Headless browser automation CLI optimized for AI agents. Uses snapshot + refs system for 93% less context overhead vs Playwright. Purpose-built for web testing, form automation, screenshots, and data extraction.
13jira-cli
Interactive CLI for Atlassian Jira issue, epic, and sprint management.
9git-commit
Generate conventional commits following conventionalcommits.org specification.
9refactor
Safe codebase refactoring with characterization tests, incremental changes, and continuous verification. Automatically activates when users want to refactor code, extract methods/classes, simplify logic, reduce duplication, improve naming, restructure modules, or clean up technical debt.
8implement-feature
Implement features with senior staff engineer best practices and parallel
8