‹ 首页

dependency-check

@novacode37 · 收录于 1 周前

Audit project dependencies for known-vulnerable versions and risky pinning. Parses requirements.txt and package.json, matches a bundled offline advisory DB, optionally queries OSV.dev live, and warns about unpinned versions. Use when the user asks to "check dependencies for vulnerabilities", "audit my requirements.txt / package.json", "scan for vulnerable packages", or "is my dependency tree secure".

适合你,如果需要在发布前检查依赖是否存在已知安全漏洞。

/ 通过 npx 安装 校验哈希
npx oh-my-skill add novacode37/claude-security-skills/dependency-check
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- novacode37/claude-security-skills/dependency-check
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify novacode37/claude-security-skills/dependency-check
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
11GitHub stars
~502最小装载
~502含声明引用
~3.8K文本包总量
索引托管

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。