deps-health-inline

Inline orchestration workflow for dependency audit and updates with Beads integration. Provides step-by-step phases for dependency-auditor detection, priority-based updates with dependency-updater, and verification cycles.

164 stars

bymaslennikov-ig

View on GitHub Installation ↓

Best use case

deps-health-inline is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using deps-health-inline should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/deps-health-inline/SKILL.md --create-dirs "https://raw.githubusercontent.com/maslennikov-ig/claude-code-orchestrator-kit/main/.claude/skills/deps-health-inline/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/deps-health-inline/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How deps-health-inline Compares

Feature / Agent	deps-health-inline	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

Related Guides

Best AI Skills for Claude

Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.

ChatGPT vs Claude for Agent Skills

Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.

SKILL.md Source

# Dependency Health Check (Inline Orchestration)

You ARE the orchestrator. Execute this workflow directly without spawning a separate orchestrator agent.

## Workflow Overview

```
Beads Init → Audit → Create Issues → Update by Priority → Close Issues → Verify → Beads Complete
```

**Max iterations**: 3
**Priorities**: critical → high → medium → low
**Beads integration**: Automatic issue tracking

---

## Phase 1: Pre-flight & Beads Init

1. **Setup directories**:
   ```bash
   mkdir -p .tmp/current/{plans,changes,backups}
   ```

2. **Validate environment**:
   - Check `package.json` exists
   - Check `type-check` and `build` scripts exist
   - Check lockfile exists (pnpm-lock.yaml, package-lock.json, yarn.lock)

3. **Create Beads wisp**:
   ```bash
   bd mol wisp exploration --vars "question=Dependency audit and update"
   ```

   **IMPORTANT**: Save the wisp ID (e.g., `mc2-xxx`) for later use.

4. **Initialize TodoWrite**:
   ```json
   [
     {"content": "Dependency audit", "status": "in_progress", "activeForm": "Auditing dependencies"},
     {"content": "Create Beads issues", "status": "pending", "activeForm": "Creating issues"},
     {"content": "Fix critical dependency issues", "status": "pending", "activeForm": "Fixing critical deps"},
     {"content": "Fix high priority dependency issues", "status": "pending", "activeForm": "Fixing high deps"},
     {"content": "Fix medium priority dependency issues", "status": "pending", "activeForm": "Fixing medium deps"},
     {"content": "Fix low priority dependency issues", "status": "pending", "activeForm": "Fixing low deps"},
     {"content": "Verification audit", "status": "pending", "activeForm": "Verifying updates"},
     {"content": "Complete Beads wisp", "status": "pending", "activeForm": "Completing wisp"}
   ]
   ```

---

## Phase 2: Detection

**Invoke dependency-auditor** via Task tool:

```
subagent_type: "dependency-auditor"
description: "Audit all dependencies"
prompt: |
  Audit the entire codebase for dependency issues:
  - Security vulnerabilities (npm audit / pnpm audit)
  - Outdated packages (major/minor/patch)
  - Unused dependencies (via Knip)
  - Deprecated packages
  - License compliance issues
  - Categorize by priority (critical/high/medium/low)

  Generate: dependency-scan-report.md

  Return summary with issue counts per priority.
```

**After dependency-auditor returns**:
1. Read `dependency-scan-report.md`
2. Parse issue counts by priority
3. If zero issues → skip to Phase 7 (Final Summary)
4. Update TodoWrite: mark audit complete

---

## Phase 3: Create Beads Issues

**For each dependency issue found**, create a Beads issue:

```bash
# Critical security vulnerabilities (P0)
bd create "DEP-SEC: {package}@{version} - {vulnerability}" -t bug -p 0 -d "{description}" \
  --deps discovered-from:{wisp_id}

# High - outdated major versions with breaking changes (P1)
bd create "DEP: {package} major update {old} → {new}" -t chore -p 1 -d "{description}" \
  --deps discovered-from:{wisp_id}

# Medium - minor updates, deprecated packages (P2)
bd create "DEP: {package} update {old} → {new}" -t chore -p 2 -d "{description}" \
  --deps discovered-from:{wisp_id}

# Low - patch updates, unused deps (P3)
bd create "DEP: {package} - {issue}" -t chore -p 3 -d "{description}" \
  --deps discovered-from:{wisp_id}
```

**Track issue IDs** in a mapping for later closure.

Update TodoWrite: mark "Create Beads issues" complete.

---

## Phase 4: Quality Gate (Pre-update)

Run inline validation:

```bash
pnpm type-check
pnpm build
```

- If both pass → proceed to updates
- If fail → report to user, exit

---

## Phase 5: Update Loop

**For each priority** (critical → high → medium → low):

1. **Check if issues exist** for this priority
   - If zero → skip to next priority

2. **Update TodoWrite**: mark current priority in_progress

3. **Claim issues in Beads**:
   ```bash
   bd update {issue_id} --status in_progress
   ```

4. **Invoke dependency-updater** via Task tool:
   ```
   subagent_type: "dependency-updater"
   description: "Update {priority} dependencies"
   prompt: |
     Read dependency-scan-report.md and fix all {priority} priority issues.

     For each issue:
     1. Backup package.json and lockfile
     2. Update ONE dependency at a time
     3. Run type-check and build after each update
     4. If fails, rollback and skip
     5. Log change to .tmp/current/changes/deps-changes.json

     Generate/update: dependency-updates-implemented.md

     Return: count of updated deps, count of failed updates, list of updated dep IDs.
   ```

5. **Quality Gate** (inline):
   ```bash
   pnpm type-check
   pnpm build
   ```

   - If FAIL → report error, suggest rollback, exit
   - If PASS → continue

6. **Close updated issues in Beads**:
   ```bash
   bd close {issue_id_1} {issue_id_2} ... --reason "Dependency updated"
   ```

7. **Update TodoWrite**: mark priority complete

8. **Repeat** for next priority

---

## Phase 6: Verification

After all priorities updated:

1. **Update TodoWrite**: mark verification in_progress

2. **Invoke dependency-auditor** (verification mode):
   ```
   subagent_type: "dependency-auditor"
   description: "Verification audit"
   prompt: |
     Re-audit dependencies after updates.
     Compare with previous dependency-scan-report.md.

     Report:
     - Issues fixed (count)
     - Issues remaining (count)
     - New issues introduced (count)
   ```

3. **Decision**:
   - If issues_remaining == 0 → Phase 7
   - If iteration < 3 AND issues_remaining > 0 → Go to Phase 2
   - If iteration >= 3 → Phase 7 with remaining issues

---

## Phase 7: Final Summary & Beads Complete

1. **Complete Beads wisp**:
   ```bash
   # If all updated
   bd mol squash {wisp_id}

   # If nothing found
   bd mol burn {wisp_id}
   ```

2. **Create issues for remaining items** (if any):
   ```bash
   bd create "DEP REMAINING: {package} - {issue}" -t chore -p {priority} \
     -d "Not updated in audit. May require manual intervention. See dependency-scan-report.md"
   ```

3. **Generate summary for user**:

```markdown
## Dependency Health Check Complete

**Wisp ID**: {wisp_id}
**Iterations**: {count}/3
**Status**: {SUCCESS/PARTIAL}

### Results
- Found: {total} dependency issues
- Fixed: {fixed} ({percentage}%)
- Remaining: {remaining}

### By Priority
- Critical: {fixed}/{total}
- High: {fixed}/{total}
- Medium: {fixed}/{total}
- Low: {fixed}/{total}

### Beads Issues
- Created: {count}
- Closed: {count}
- Remaining: {count}

### Validation
- Type Check: {status}
- Build: {status}

### Artifacts
- Audit: `dependency-scan-report.md`
- Updates: `dependency-updates-implemented.md`
```

4. **Update TodoWrite**: mark wisp complete

5. **SESSION CLOSE PROTOCOL**:
   ```bash
   git status
   git add .
   bd sync
   git commit -m "chore(deps): {fixed} dependencies updated ({wisp_id})"
   bd sync
   git push
   ```

---

## Error Handling

**If quality gate fails**:
```
Rollback available: .tmp/current/changes/deps-changes.json

To rollback:
1. Read changes log
2. Restore package.json and lockfile from .tmp/current/backups/
3. Run pnpm install
4. Re-run workflow
```

**If worker fails**:
- Report error to user
- Keep Beads wisp open for manual completion
- Suggest manual intervention
- Exit workflow

**If Beads command fails**:
- Log error but continue workflow
- Beads tracking is enhancement, not blocker

---

## Quick Reference

| Phase | Beads Action |
|-------|--------------|
| 1. Pre-flight | `bd mol wisp exploration` |
| 3. After audit | `bd create` for each issue |
| 5. Before update | `bd update --status in_progress` |
| 5. After update | `bd close --reason "Updated"` |
| 7. Complete | `bd mol squash/burn` |
| 7. Remaining | `bd create` for failed updates |

Related Skills

security-health-inline

164

from maslennikov-ig/claude-code-orchestrator-kit

Inline orchestration workflow for security vulnerability detection and remediation with Beads integration. Provides step-by-step phases for security-scanner detection, priority-based fixing with vulnerability-fixer, and verification cycles.

reuse-health-inline

164

from maslennikov-ig/claude-code-orchestrator-kit

Inline orchestration workflow for code duplication detection and consolidation with Beads integration. Provides step-by-step phases for reuse-hunter detection, priority-based consolidation with reuse-fixer, and verification cycles.

health-bugs

164

from maslennikov-ig/claude-code-orchestrator-kit

Inline orchestration workflow for automated bug detection and fixing with Beads integration. Provides step-by-step phases for bug-hunter detection, history enrichment for priority bugs, priority-based fixing with bug-fixer, and verification cycles.

cleanup-health-inline

164

from maslennikov-ig/claude-code-orchestrator-kit

Inline orchestration workflow for dead code detection and removal with Beads integration. Provides step-by-step phases for dead-code-hunter detection, priority-based cleanup with dead-code-remover, and verification cycles.

Beads Issue Tracking Skill

164

from maslennikov-ig/claude-code-orchestrator-kit

> **Attribution**: [Beads](https://github.com/steveyegge/beads) by [Steve Yegge](https://github.com/steveyegge)

Workflow & ProductivityClaude

webapp-testing

164

from maslennikov-ig/claude-code-orchestrator-kit

Toolkit for interacting with and testing local web applications using Playwright. Supports verifying frontend functionality, debugging UI behavior, capturing browser screenshots, and viewing browser logs.

validate-report-file

164

from maslennikov-ig/claude-code-orchestrator-kit

Validate that worker-generated reports have all required sections and proper formatting. Use in quality gates, for report completeness checking, or when debugging missing report sections.

validate-plan-file

164

from maslennikov-ig/claude-code-orchestrator-kit

Validate that orchestrator plan files conform to expected JSON schema. Use before workers read plan files or after orchestrators create them to ensure proper structure and required fields.

ux-researcher-designer

164

from maslennikov-ig/claude-code-orchestrator-kit

UX research and design toolkit for Senior UX Designer/Researcher including data-driven persona generation, journey mapping, usability testing frameworks, and research synthesis. Use for user research, persona creation, journey mapping, and design validation.

ui-design-system

164

from maslennikov-ig/claude-code-orchestrator-kit

UI design system toolkit for Senior UI Designer including design token generation, component documentation, responsive design calculations, and developer handoff tools. Use for creating design systems, maintaining visual consistency, and facilitating design-dev collaboration.

theme-factory

164

from maslennikov-ig/claude-code-orchestrator-kit

Toolkit for styling artifacts with a theme. These artifacts can be slides, docs, reportings, HTML landing pages, etc. There are 10 pre-set themes with colors/fonts that you can apply to any artifact that has been creating, or can generate a new theme on-the-fly.

systematic-debugging

164

from maslennikov-ig/claude-code-orchestrator-kit

Use when encountering any bug, test failure, or unexpected behavior, before proposing fixes