baekenough/omcustom:npm-audit
.claude/skills/npm-audit/SKILL.md
Audit npm dependencies for security and updates
$ install --global
skillsauthnpx skillsauth add baekenough/oh-my-customcode omcustom:npm-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 8:18 PM4.6s1 file scanned
SKILL.md
- name:
- omcustom:npm-audit
- description:
- Audit npm dependencies for security and updates
- scope:
- package
- argument-hint:
- [--fix] [--production]
- user-invocable:
- true
NPM Audit Skill
Audit npm dependencies for security vulnerabilities and outdated packages.
Options
--fix Automatically fix vulnerabilities where possible
--production Only audit production dependencies
--json Output in JSON format
Workflow
1. Run npm audit for security vulnerabilities
2. Analyze vulnerability severity
3. Check for outdated dependencies
4. Generate health report
5. Suggest remediation steps
Output Format
Success
[NPM Audit] package-name
Security:
Critical: 0
High: 0
Moderate: 2
Low: 1
Outdated:
Major updates: 3
Minor updates: 5
Patch updates: 12
Status: Needs attention (2 moderate vulnerabilities)
Recommendations:
1. npm update lodash
2. npm update axios
Failure
[NPM Audit] Failed
Error: {error_message}
Hint: Ensure package-lock.json exists
Examples
# Full dependency audit with report
npm-audit
# Audit and fix vulnerabilities
npm-audit --fix
# Audit only production dependencies
npm-audit --production
Related Skills
baekenough/wiki
development
VerifiedTrustedCommunity
Generate and maintain a persistent codebase wiki — LLM-built interlinked markdown knowledge base (Karpathy LLM Wiki pattern)
15SKILL.mdUpdated Apr 16, 2026
baekenough/wiki-rag
development
VerifiedTrustedCommunity
Use the project wiki as RAG knowledge source — search wiki pages to answer codebase questions before exploring raw files
15SKILL.mdUpdated Apr 16, 2026
baekenough/skill-extractor
tools
VerifiedTrustedCommunity
Analyze task trajectories to propose reusable SKILL.md candidates from successful patterns
15SKILL.mdUpdated Apr 16, 2026
baekenough/hada-scout
data-ai
VerifiedTrustedCommunity
hada.io RSS feed monitoring for AI agent/harness articles with automated /scout analysis
15SKILL.mdUpdated Apr 16, 2026