add-dependency
Add a new third-party dependency to the project following the version catalog and approval workflow.
Best use case
add-dependency is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Add a new third-party dependency to the project following the version catalog and approval workflow.
Teams using add-dependency should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/add-dependency/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How add-dependency Compares
| Feature / Agent | add-dependency | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Add a new third-party dependency to the project following the version catalog and approval workflow.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Add Third-Party Dependency
This skill outlines the necessary steps to validly adding a new dependency to the project.
## Workflow
1. **Verify Necessity**:
* **Goal**: Ensure the dependency is absolutely necessary.
* **Action**: Avoid adding new third-party dependencies unless there is no tailored solution available or implementing it manually helps the project significantly.
* **Action**: You **MUST** get user approval before adding any new third-party dependency. Explain why it is needed and what alternatives were considered.
2. **Find Latest Version**:
* **Goal**: Use the most up-to-date stable version.
* **Action**: Perform a web search to determine the latest stable version of the library.
* **Example**: `search_web(query="latest version of retrofit")`
3. **Update Version Catalog**:
* **Goal**: Centralize dependency management.
* **Action**: Add the dependency to `gradle/libs.versions.toml`.
* **Format**:
```toml
[versions]
libraryName = "1.2.3"
[libraries]
library-artifact = { group = "com.example", name = "library-artifact", version.ref = "libraryName" }
```
4. **Sync and Build**:
* **Goal**: Verify the dependency is resolved correctly.
* **Action**: Run a build or sync command to ensure the new dependency doesn't break the build.
* **Command**: `./gradlew assembleDebug` (or relevant task).
## Guidelines
- **Approval First**: Do not modify files before getting confirmation from the user (unless in a fully autonomous mode where this is pre-approved).
- **No Hardcoding**: Never put version numbers directly in `build.gradle.kts` files. Always use the version catalog (`libs.versions.toml`).Related Skills
dependency-vulnerability-checker
Dependency Vulnerability Checker - Auto-activating skill for Security Fundamentals. Triggers on: dependency vulnerability checker, dependency vulnerability checker Part of the Security Fundamentals skill category.
dependency-upgrade
Manage major dependency version upgrades with compatibility analysis, staged rollout, and comprehensive testing. Use when upgrading framework versions, updating major dependencies, or managing breaking changes in libraries.
dependency-management-deps-audit
You are a dependency security expert specializing in vulnerability scanning, license compliance, and supply chain security. Analyze project dependencies for known vulnerabilities, licensing issues, outdated packages, and provide actionable remediation strategies.
dependency-security
Enforce dependency security scanning and SBOM generation. Use when adding dependencies, reviewing package.json, or during security audits. Covers OWASP dependency check, npm audit, and supply chain security.
when-mapping-dependencies-use-dependency-mapper
Comprehensive dependency mapping, analysis, and visualization tool for software projects
dependency-auditor
Automated security auditing of project dependencies to identify known vulnerabilities.
dependency-audit-assistant
Reviews package dependencies for security vulnerabilities, outdated versions, and license compliance. Use when user asks about dependencies, security audits, or before releases.
dependency-sync
Detect new imports in modified files and auto-install missing dependencies. Works with npm, uv, pip, cargo, go mod, and other package managers. Triggers after code implementation to keep manifests in sync.
dependency-management
Dependency management specialist. Use when updating dependencies, scanning for vulnerabilities, analyzing dependency trees, or ensuring license compliance. Handles npm, pip, maven, and other package managers.
Dependency Updater
## Overview
DepMap — Cancer Dependency Map
## Overview
ios-dependency-injection
Standards for Protocol-based DI, Property Wrappers, and Factory/Needle. Use when configuring dependency injection or factory patterns in iOS. (triggers: **/*.swift, @Injected, Resolver, Container, Swinject, register, resolve)