bjornmelin/repo-modernize-upgrade-audit
skills/repo-modernize-upgrade-audit/SKILL.md
Repo/monorepo—dep modernize, vuln fix, framework-aware upgrade, hard-cut, dep-native refactors.
$ install --global
skillsauthnpx skillsauth add bjornmelin/dev-skills repo-modernize-upgrade-auditInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 8, 2026, 3:16 AM148.3s11 files scanned
SKILL.md
- name:
- repo-modernize-upgrade-audit
- description:
- Repo/monorepo—dep modernize, vuln fix, framework-aware upgrade, hard-cut, dep-native refactors.
Repo Modernize Upgrade Audit
Use this skill when you need to audit, upgrade, refactor, and simplify a repo or monorepo end-to-end around dependencies, security findings, deprecations, and framework migrations.
Variant References
Use the base prompt below by default. If the repo shape or workflow calls for a specialized operating mode, load the matching reference first:
references/00-variant-index.mdreferences/framework-lane-selection.mdreferences/dependency-decision-matrix.mdreferences/verification-matrix.mdreferences/report-template.mdreferences/bun-first.mdreferences/pnpm-turbo-monorepo.mdreferences/plan-first.md
Selection guidance:
- Bun-managed repos: start with
references/bun-first.md - pnpm + Turbo monorepos: start with
references/pnpm-turbo-monorepo.md - review-heavy or approval-gated work: start with
references/plan-first.md - framework-heavy repos: also read
references/framework-lane-selection.md - during package triage: read
references/dependency-decision-matrix.md - before execution wrap-up: read
references/verification-matrix.md - for final delivery: read
references/report-template.md - if unclear: read
references/00-variant-index.mdfirst
Intent
- Find every vulnerable dependency, outdated dependency, deprecated API, obsolete custom abstraction, and dependency-driven cleanup opportunity.
- Deeply research the latest official docs, changelogs, migration guides, release notes, GitHub releases, advisories, and upstream issues.
- Upgrade dependencies to the latest safe and supportable versions.
- Refactor the codebase to adopt modern dependency-native APIs and delete obsolete wrappers, shims, fallbacks, and duplicate implementations.
- Leave the repo in a verified, production-ready, simplified state.
Required Skills and Tools
Use these throughout the task:
$bun-dev$hard-cut$clean-code$reducing-entropy$githubcontext7web.run
Use $opensrc conditionally as an escalation path for package upgrades
that need source-level proof.
Framework-specific routing is defined in the execution prompt below and refined
further in references/framework-lane-selection.md.
Execution Prompt
For full execution mode, load references/execution-prompt.md. It contains the complete modernization prompt, research requirements, dependency audit workflow, framework lanes, upgrade strategy, verification expectations, and final report contract.
Keep this entrypoint focused on routing and reference selection. Do not duplicate framework-specific playbooks here; use the variant references above.
Related Skills
bjornmelin/repo-modernizer
development
VerifiedTrustedCommunity
Repo/monorepo modernization: dependency upgrades, security fixes, deprecation cleanup, framework migrations, dependency-native refactors, and verified hard-cut simplification.
2SKILL.mdUpdated Jun 11, 2026
bjornmelin/web-waapi
development
VerifiedTrustedCommunity
Use this skill for Browser Web Animations API: Element.animate(), Animation, KeyframeEffect, playback control, generated keyframes, cancel/finish, commitStyles, and cleanup. Trigger on Element.animate, WAAPI, Web Animations API, KeyframeEffect, Animation object, commitStyles. Do not use for near-miss tasks outside these boundaries; route to adjacent motion or platform skills when they own the implementation.
2SKILL.mdUpdated Jun 11, 2026
bjornmelin/web-three-r3f
tools
VerifiedTrustedCommunity
Use this skill for Three.js, React Three Fiber, Drei, Canvas/createRoot lifecycle, loaders, GLTF, useFrame, disposal, SSR/client boundaries, DPR, and browser proof. Trigger on Three.js, THREE, @react-three/fiber, @react-three/drei, R3F Canvas, useFrame, GLTF, WebGLRenderer. Do not use for near-miss tasks outside these boundaries; route to adjacent motion or platform skills when they own the implementation.
2SKILL.mdUpdated Jun 11, 2026
bjornmelin/web-tailwind-motion
development
VerifiedTrustedCommunity
Use this skill for Tailwind CSS v4 transition, animation, duration, easing, motion-safe/motion-reduce, @theme motion tokens, and static class safety. Trigger on Tailwind animation, transition-all, motion-safe, motion-reduce, @theme, animate-, duration-. Do not use for near-miss tasks outside these boundaries; route to adjacent motion or platform skills when they own the implementation.
2SKILL.mdUpdated Jun 11, 2026