Dependency Health
Security-first dependency management methodology with batch remediation, policy-driven compliance, and automated enforcement. Use when security vulnerabilities exist in dependencies, dependency freshness low (outdated packages), license compliance needed, or systematic dependency management lacking. Provides security-first prioritization (critical vulnerabilities immediately, high within week, medium within month), batch remediation strategy (group compatible updates, test together, single PR), policy-driven compliance framework (security policies, freshness policies, license policies), and automation tools for vulnerability scanning, update detection, and compliance checking. Validated in meta-cc with 6x speedup (9 hours manual to 1.5 hours systematic), 3 iterations, 88% transferability across package managers (concepts universal, tools vary by ecosystem).
Installation
SKILL.md
Systematic dependency management: security-first, batch remediation, policy-driven.
Dependencies are attack surface. Manage them systematically, not reactively.
❌ Ignoring security advisories: "We'll update later" ❌ One-at-a-time updates: 100 separate PRs for 100 dependencies ❌ Automatic merging: Dependabot auto-merge without testing ❌ Dependency pinning forever: Never updating to avoid breakage ❌ License ignorance: Not checking license compatibility ❌ No testing after updates: Assuming updates won't break anything
Security-first dependency management methodology with batch remediation, policy-driven compliance, and automated enforcement. Use when security vulnerabilities exist in dependencies, dependency freshness low (outdated packages), license compliance needed, or systematic dependency management lacking. Provides security-first prioritization (critical vulnerabilities immediately, high within week, medium within month), batch remediation strategy (group compatible updates, test together, single PR), policy-driven compliance framework (security policies, freshness policies, license policies), and automation tools for vulnerability scanning, update detection, and compliance checking. Validated in meta-cc with 6x speedup (9 hours manual to 1.5 hours systematic), 3 iterations, 88% transferability across package managers (concepts universal, tools vary by ecosystem). Source: zpankz/mcp-skillset.
Facts (cite-ready)
Stable fields and commands for AI/search citations.
- Install command
npx skills add https://github.com/zpankz/mcp-skillset --skill Dependency Health- Source
- zpankz/mcp-skillset
- Category
- </>Dev Tools
- Verified
- —
- First Seen
- 2026-02-01
- Updated
- 2026-02-18
Quick answers
What is Dependency Health?
Security-first dependency management methodology with batch remediation, policy-driven compliance, and automated enforcement. Use when security vulnerabilities exist in dependencies, dependency freshness low (outdated packages), license compliance needed, or systematic dependency management lacking. Provides security-first prioritization (critical vulnerabilities immediately, high within week, medium within month), batch remediation strategy (group compatible updates, test together, single PR), policy-driven compliance framework (security policies, freshness policies, license policies), and automation tools for vulnerability scanning, update detection, and compliance checking. Validated in meta-cc with 6x speedup (9 hours manual to 1.5 hours systematic), 3 iterations, 88% transferability across package managers (concepts universal, tools vary by ecosystem). Source: zpankz/mcp-skillset.
How do I install Dependency Health?
Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/zpankz/mcp-skillset --skill Dependency Health Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code or Cursor
Where is the source repository?
https://github.com/zpankz/mcp-skillset
Details
- Category
- </>Dev Tools
- Source
- user
- First Seen
- 2026-02-01