review-dependency

Installation

SKILL.md

Dependency Review

Review code from a dependency and supply chain security perspective.

Review Checklist

Vulnerability Assessment

Check new dependencies for known CVEs
Verify dependency versions are not end-of-life
Look for dependencies with poor maintenance (no recent updates)
Check for typosquatting risks on package names

License Compliance

Verify license compatibility with project license
Check for copyleft licenses (GPL) in proprietary projects
Look for license changes in version upgrades
Ensure license attribution requirements are met

Installs

2

Repository

shotaiuchi/dotclaude

First Seen

Feb 28, 2026

Security Audits

Gen Agent Trust HubPass

review-dependency — shotaiuchi/dotclaude