AI Agent Skill HUB

security-scanning-security-dependencies

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

6 stars
bynetbarros
View on GitHubInstallation ↓

Best use case

security-scanning-security-dependencies is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

Teams using security-scanning-security-dependencies should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/security-scanning-security-dependencies/SKILL.md --create-dirs "https://raw.githubusercontent.com/netbarros/psique/main/.codex/skills/security-scanning-security-dependencies/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/security-scanning-security-dependencies/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How security-scanning-security-dependencies Compares

Feature / Agentsecurity-scanning-security-dependenciesStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, ass...

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Dependency Vulnerability Scanning

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.

## Use this skill when

- Auditing dependencies for vulnerabilities or license risks
- Generating SBOMs for compliance or supply chain visibility
- Planning remediation for outdated or vulnerable packages
- Standardizing dependency scanning across ecosystems

## Do not use this skill when

- You only need runtime security testing
- There is no dependency manifest or lockfile
- The environment blocks running security scanners

## Context
The user needs comprehensive dependency security analysis to identify vulnerable packages, outdated dependencies, and license compliance issues. Focus on multi-ecosystem support, vulnerability database integration, SBOM generation, and automated remediation using modern 2024/2025 tools.

## Requirements
$ARGUMENTS

## Instructions

- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.

## Safety

- Avoid running auto-fix or upgrade steps without approval.
- Treat dependency changes as release-impacting and test accordingly.

## Resources

- `resources/implementation-playbook.md` for detailed patterns and examples.

Related Skills

web-security-testing

6
from netbarros/psique

Web application security testing workflow for OWASP Top 10 vulnerabilities including injection, XSS, authentication flaws, and access control issues.

aws-security-audit

6
from netbarros/psique

Comprehensive AWS security posture assessment using AWS CLI and security best practices

security-scanning-security-sast

6
from netbarros/psique

Static Application Security Testing (SAST) for code vulnerability analysis across multiple languages and frameworks

security-scanning-security-hardening

6
from netbarros/psique

Coordinate multi-layer security scanning and hardening across application, infrastructure, and compliance controls.

security-requirement-extraction

6
from netbarros/psique

Derive security requirements from threat models and business context. Use when translating threats into actionable requirements, creating security user stories, or building security test cases.

security-compliance-compliance-check

6
from netbarros/psique

You are a compliance expert specializing in regulatory requirements for software systems including GDPR, HIPAA, SOC2, PCI-DSS, and other industry standards. Perform compliance audits and provide im...

security-bluebook-builder

6
from netbarros/psique

Build security Blue Books for sensitive apps

security-auditor

6
from netbarros/psique

Expert security auditor specializing in DevSecOps, comprehensive cybersecurity, and compliance frameworks.

security-audit

6
from netbarros/psique

Comprehensive security auditing workflow covering web application testing, API security, penetration testing, vulnerability scanning, and security hardening.

scanning-tools

6
from netbarros/psique

This skill should be used when the user asks to "perform vulnerability scanning", "scan networks for open ports", "assess web application security", "scan wireless networks", "detec...

mobile-security-coder

6
from netbarros/psique

Expert in secure mobile coding practices specializing in input validation, WebView security, and mobile-specific security patterns.

laravel-security-audit

6
from netbarros/psique

Security auditor for Laravel applications. Analyzes code for vulnerabilities, misconfigurations, and insecure practices using OWASP standards and Laravel security best practices.