dependency-check

Scan project dependencies for known vulnerabilities and CVEs

Stars: 56,726
Source: ruvnet/claude-flow
Updated: 2026-05-31
Slug: ruvnet--claude-flow--dependency-check

// install — copy + paste into any project

mkdir -p .claude/skills && curl -fsSL https://raw.githubusercontent.com/ruvnet/claude-flow/HEAD/plugins/ruflo-security-audit/skills/dependency-check/SKILL.md -o .claude/skills/dependency-check.md

Drops the SKILL.md into .claude/skills/dependency-check.md. Works with Claude Code, Cursor, and any agent that loads SKILL.md files from .claude/skills/.

Check dependencies for CVEs and outdated packages:

npx @claude-flow/cli@latest security cve --check
npx @claude-flow/cli@latest security audit --include-dev
npm audit --json

Severity	Action
critical	Block deployment, fix immediately
high	Fix before next release
moderate	Schedule fix within sprint
low	Track in backlog

Auto-fix: npx @claude-flow/cli@latest security cve --fix

For continuous monitoring, dispatch via MCP: mcp__claude-flow__hooks_worker-dispatch({ trigger: "audit" })