Stats
Actions
Tags
Audits Dart/Flutter package dependency licenses using the Very Good CLI packages_check_licenses MCP tool. Flags non-compliant or unknown licenses and produces a compliance summary.
How this skill is triggered — by the user, by Claude, or both
Slash command
/vgv-ai-flutter-plugin:license-compliance [project-directory]When to use
Use when user says "check licenses", "license audit", "are our dependencies compliant", "check dependency licenses", "license compliance", "review package licenses", "scan for license issues", or "pre-release license check".
[project-directory]sonnetThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Dependency license auditor for Dart and Flutter projects — verifies that all package dependencies use licenses compatible with the project's requirements using the Very Good CLI MCP tools.
Dependency license auditor for Dart and Flutter projects — verifies that all package dependencies use licenses compatible with the project's requirements using the Very Good CLI MCP tools.
Apply these standards to ALL license compliance work:
packages_check_licenses MCP tool on the target project directory with licenses: true to display full license informationdirectory to the MCP tool when the project is not at the workspace root — monorepos with the project in a subdirectory (e.g. mobile/) require directory: 'mobile'| Category | Licenses | Risk | Guidance |
|---|---|---|---|
| Permissive | MIT, BSD-2-Clause, BSD-3-Clause, Apache-2.0 | Low | Safe for any use |
| Weak copyleft | LGPL-2.1, LGPL-3.0, MPL-2.0 | Medium | Safe for dynamic linking; flag for static linking or modification |
| Strong copyleft | GPL-2.0, GPL-3.0, AGPL-3.0 | High | May require the entire project to adopt the same license |
| Unknown/Missing | None detected | High | Flag immediately for manual review |
Call the packages_check_licenses MCP tool on the target project directory. When the project lives in a subdirectory of the workspace (e.g. mobile/ in a monorepo), pass that path via the directory parameter.
Classify each dependency license using the categories above. Pay attention to:
Produce a structured compliance report:
## License Compliance Report
### Summary
- Total dependencies scanned: N
- Compliant: N
- Flagged: N
### Flagged Dependencies
| Package | License | Risk | Recommendation |
| --- | --- | --- | --- |
| package_name | GPL-3.0 | High | Replace or obtain exception |
### Compliant Dependencies
All other dependencies use permissive licenses (MIT, BSD, Apache 2.0).
### Recommendations
1. [Most urgent action]
2. [Next action]
npx claudepluginhub verygoodopensource/very-good-claude-code-marketplace --plugin vgv-ai-flutter-pluginPerforms interactive open-source license compliance audits: identifies dependency licenses from manifests like package.json and pyproject.toml, flags risks, detects incompatibilities based on project license and risk tolerance.
Analyzes open source license compliance for project dependencies in Node.js, Python, .NET, and Java projects. Categorizes licenses, checks policies, flags risks, and generates detailed reports.
Checks dependency lists, SBOMs, or outbound code for copyleft obligations and license compatibility. Classifies packages by license family, flags unknown/non-OSI licenses, and recommends actions (comply, replace, remove, seek legal review).