BeClaude

safer-dependencies

New · 15 · GitHub Trending · General · by robert-auger

safer-dependencies is a security layer for Claude Code that audits packages before they’re added to your project. It detects and fixes risky dependencies, including CVEs, typosquats, abandoned packages, version-age issues, and package-cooldown violations across npm, PyPI, RubyGems, Maven, Go, and Rust.

Summary

safer-dependencies is a security layer for Claude Code that audits packages before they are added to your project.

  • It detects and fixes risky dependencies, including CVEs, typosquats, abandoned packages, version-age issues, and package-cooldown violations across npm, PyPI, RubyGems, Maven, Go, and Rust.
  • This skill helps developers proactively prevent supply chain attacks and maintain a healthy dependency tree.

Install & Usage

1. Create the skills directory:
   mkdir -p .claude/skills

2. Download the skill file and add the configuration to .claude/skills/safer-dependencies.md

3. Invoke it in Claude Code:
   /safer-dependencies

Use Cases

Audit a new npm package for known CVEs and typosquatting before adding it to your project.
Check if a proposed PyPI dependency is abandoned or has version-age issues.
Scan your existing Rust project for packages that violate a cooldown policy.
Prevent adding a RubyGem that is a known typosquat of a popular library.
Evaluate a Maven dependency for security vulnerabilities and license risks.
Review a Go module for outdated or deprecated packages before upgrading.

Usage Examples

1. /safer-dependencies check [email protected]

2. Audit the package requests for typosquats and CVEs before adding it to requirements.txt.

3. /safer-dependencies scan --ecosystem rust

Tags: security, rust

Security Audits

License: Unknown · Source: Warn · Repository: Pass

Frequently Asked Questions

What is safer-dependencies?

safer-dependencies is a security layer for Claude Code that audits packages before they are added to your project. It detects and fixes risky dependencies, including CVEs, typosquats, abandoned packages, version-age issues, and package-cooldown violations across npm, PyPI, RubyGems, Maven, Go, and Rust. This skill helps developers proactively prevent supply chain attacks and maintain a healthy dependency tree.

How to install safer-dependencies?

To install safer-dependencies: create the skills directory (mkdir -p .claude/skills), then add the config to .claude/skills/safer-dependencies.md. Finally, invoke /safer-dependencies in Claude Code.

What is safer-dependencies best for?

safer-dependencies is a skill of type Other, categorized under General. It is tagged security and rust. Created by robert-auger.

What can I use safer-dependencies for?

safer-dependencies is useful for:
  • Auditing a new npm package for known CVEs and typosquatting before adding it to your project.
  • Checking if a proposed PyPI dependency is abandoned or has version-age issues.
  • Scanning your existing Rust project for packages that violate a cooldown policy.
  • Preventing the addition of a RubyGem that is a known typosquat of a popular library.
  • Evaluating a Maven dependency for security vulnerabilities and license risks.
  • Reviewing a Go module for outdated or deprecated packages before upgrading.