
dependency-vetting

Vet new package dependencies before installation. Triggers when adding packages via pip, npm, yarn, or similar package managers. Checks for typosquatting, known vulnerabilities, low adoption (potential supply chain risk), and package metadata anomalies.

Use when:
- User asks to install a new package
- pip install, npm install, yarn add commands detected
- requirements.txt or package.json modifications
- User asks "is this package safe?"

Blocks: Typosquats, critical vulnerabilities
Warns: Low adoption, suspicious metadata

Maintainer: majiayu000
Updated: 1/22/2026
Stars: 185
Forks: 40
quick start

Installation and usage

Installation
$ install --globalskills.sh
Usage

After installation, you can use this skill by running the following command in your terminal:

skills use dependency-vetting