Deps Mgmt

v1.0.0

Deep dependency management workflow—inventory, upgrade policy, security patches, licensing, lockfiles, and supply-chain hygiene. Use when upgrading framework...

⭐ 0· 53·0 current·0 all-time

byClawKK@codekungfu

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name, description, and the SKILL.md all describe a dependency-management workflow (inventory, policy, lockfiles, upgrades, SCA, governance). The skill requests no binaries, env vars, installs, or config paths — which is coherent for a purely advisory workflow.

✓

Instruction Scope

SKILL.md contains process steps, checklists, and recommendations only; it does not instruct the agent to read files, call external services, or access credentials. The guidance is intentionally high-level and does not perform any I/O itself.

✓

Install Mechanism

No install spec or code files are present. As an instruction-only skill, nothing will be written to disk or downloaded during install.

✓

Credentials

The skill declares no required environment variables, credentials, or config paths — appropriate for a non-executing advisory workflow.

✓

Persistence & Privilege

always is false and model invocation is not disabled (default). The skill does not request persistent presence or elevated privileges.

Assessment

This skill is an advisory checklist and appears safe to install: it makes no network calls, installs, or secret requests in its instructions. Before using it in automated workflows, confirm what your agent will be permitted to do when you ask it to act on these recommendations (for example, whether the agent will be allowed to read repositories, run SCA tools, or modify CI). If you intend to run inventory or fixes, use explicit, audited tools and grant the agent least privilege (read-only repo access, scoped API tokens) and monitor any requests to expose credentials or external endpoints. Finally, remember this skill is high-level guidance — you'll still need concrete tooling (SBOM generators, SCA scanners, CI jobs) to perform the actual scans and upgrades.

Like a lobster shell, security has layers — review code before you run it.

latestvk975asjje6pht0hz4mtxwmkj1583p0aj

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Deps Mgmt

License

Comments