From fuse-security
Audit project dependencies for known vulnerabilities using ecosystem-specific tools (npm audit, composer audit, pip-audit, cargo audit, etc).
Slash command
/fuse-security:dependency-audit
Run dependency vulnerability checks using native package manager audit tools.
| Ecosystem | Tool | Auto-fix |
|---|---|---|
| npm/yarn/pnpm/bun | npm audit / yarn audit | Yes |
| PHP/Composer | composer audit | Manual |
| Python/pip | pip-audit / safety check | Manual |
| Rust/Cargo | cargo audit | Yes |
| Go | govulncheck ./... | Manual |
| Swift/CocoaPods | pod audit | Manual |
| Ruby/Bundler | bundle audit | Manual |
When the --fix flag is used:
- npm audit fix for safe updates
- cargo audit fix for Rust

npx claudepluginhub fusengine/agents --plugin fuse-security

Scans project dependencies for known security vulnerabilities using ecosystem-specific audit tools (npm, yarn, pnpm, pip, cargo, govulncheck, gradle). Supports severity filtering and automatic fixes.
Audits dependencies for vulnerabilities, outdated versions, transitive issues, and licenses in Node.js, Python, PHP, Ruby, Go, and Rust projects using npm audit, pip-audit, and equivalents.
Audits project dependencies using ecosystem-specific tools (npm audit, cargo audit, pip audit) and reports vulnerabilities with normalized severities. Useful in CI, build pipelines, or ad-hoc scans.