dependency-risk-auditor

Analyze third-party dependencies for security, maintenance, and lock-in risk. Use when auditing dependencies, reviewing new packages, or assessing supply chain security. Triggers on "dependency audit", "package risk", "supply chain", "vulnerable dependencies", "license check", "outdated packages", "dependency review", "npm audit", "security scan".