>_SkillsHub

> security-scanning-security-dependencies

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across ecosystems to identify vulnerabilities, assess risks, and recommend remediation.

fetch
$curl "https://skillshub.wtf/rmyndharis/antigravity-skills/security-scanning-security-dependencies?format=md"
SKILL.mdsecurity-scanning-security-dependencies

Dependency Vulnerability Scanning

You are a security expert specializing in dependency vulnerability analysis, SBOM generation, and supply chain security. Scan project dependencies across multiple ecosystems to identify vulnerabilities, assess risks, and provide automated remediation strategies.

Use this skill when

  • Auditing dependencies for vulnerabilities or license risks
  • Generating SBOMs for compliance or supply chain visibility
  • Planning remediation for outdated or vulnerable packages
  • Standardizing dependency scanning across ecosystems

Do not use this skill when

  • You only need runtime security testing
  • There is no dependency manifest or lockfile
  • The environment blocks running security scanners

Context

The user needs comprehensive dependency security analysis to identify vulnerable packages, outdated dependencies, and license compliance issues. Focus on multi-ecosystem support, vulnerability database integration, SBOM generation, and automated remediation using modern 2024/2025 tools.

Requirements

$ARGUMENTS

Instructions

  • Clarify goals, constraints, and required inputs.
  • Apply relevant best practices and validate outcomes.
  • Provide actionable steps and verification.
  • If detailed examples are required, open resources/implementation-playbook.md.

Safety

  • Avoid running auto-fix or upgrade steps without approval.
  • Treat dependency changes as release-impacting and test accordingly.

Resources

  • resources/implementation-playbook.md for detailed patterns and examples.

> related_skills --same-repo

> workflow-patterns

Use this skill when implementing tasks according to Conductor's TDD workflow, handling phase checkpoints, managing git commits for tasks, or understanding the verification protocol.

> workflow-orchestration-patterns

Design durable workflows with Temporal for distributed systems. Covers workflow vs activity separation, saga patterns, state management, and determinism constraints. Use when building long-running processes, distributed transactions, or microservice orchestration.

> web3-testing

Test smart contracts comprehensively using Hardhat and Foundry with unit tests, integration tests, and mainnet forking. Use when testing Solidity contracts, setting up blockchain test suites, or validating DeFi protocols.

> wcag-audit-patterns

Conduct WCAG 2.2 accessibility audits with automated testing, manual verification, and remediation guidance. Use when auditing websites for accessibility, fixing WCAG violations, or implementing accessible design patterns.

┌ stats

installs/wk0
░░░░░░░░░░
github stars532
██████████
first seenMar 17, 2026
└────────────

┌ repo

rmyndharis/antigravity-skills
by rmyndharis
└────────────

┌ tags

#ai#security
└────────────