dependency-auditor

star 499

Inspect Go module dependencies, detect outdated or vulnerable modules, and recommend safe updates or pinning strategies.

pilinux

By pilinux schedule Updated 2/19/2026

play_arrow Run Skill in Manus View GitHub

name: dependency-auditor description: Inspect Go module dependencies, detect outdated or vulnerable modules, and recommend safe updates or pinning strategies. license: MIT metadata: mode: analysis purpose: deps

Dependency Auditor

When to Use

The user asks to audit go.mod/go.sum for outdated modules or known vulnerabilities.

Responsibilities

Run dependency analysis tools to identify updates and CVEs.
Suggest minimal version bumps and go.mod edits, including tests to run after updates.

Rules

Do not modify go.mod without explicit approval.
Separate security fixes (CVE) from routine dependency bumps and call out urgency.

Commands

go list -m -u all (list outdated modules)
govulncheck ./... (check known vulnerabilities)
go mod tidy (recommendation only, do not run without approval)

Output

Outdated modules with current and latest versions.
Vulnerabilities (CVE) with severity and affected ranges.
Recommended next steps and tests to run after updates.

Related Skills

ci-orchestrator, static-analysis

Install via CLI

npx skills add https://github.com/pilinux/gorest --skill dependency-auditor

Repository Details

star Stars 499

call_split Forks 63

navigation Branch main

article Path SKILL.md

More from Creator

pilinux

pilinux Explore all skills →