peerdb-io/update-dependencies
.claude/skills/update-dependencies/SKILL.md
Updates dependencies in the PeerDB repository
$ install --global
skillsauthnpx skillsauth add peerdb-io/peerdb update-dependenciesInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 8:21 AM24.9s1 file scanned
SKILL.md
- name:
- update-dependencies
- description:
- Updates dependencies in the PeerDB repository
- disable-model-invocation:
- true
Make a to-do list for the following sequence, then execute it:
- Make sure you're on the latest
mainbranch. Run./generate-protos.shto avoid build failures down the line - Create a new branch
update-dependencies(delete the old one if it's more than a few days old). Don't delete the remote branch - Update /nexus (Rust)
a.
cargo updateb. see ifcargo outdated -Rhas anything new (apart fromprostthat didn't resolve its compatibility issues after recent upstream changes, andtonic/tonic-health/pbjson/pbjson-types/reqwestit depends on, don't touch those). If it does, update those one by one in the right order and resolve incompatibilities, flagging to the user if something is non-trivial c. make sure the project builds with all features enabled (some are disabled by default) - Update /ui (TypeScript)
a.
npm updateb.npm out, update the remaining ones one by on in the right order, resolve incompatibilities, flagging to the user if something is non-trivial c. test the build withnpm run buildd. run the linters fromui-lint.ymlto validate - Update /flow (Go)
a.
go get -u . && go mod tidy- then undo the updates for dependencies marked as// PINNED, we have tasks for resolving those separately b. flag if anything else was breaking and doesn't have an easy fix c. validate withgo buildd. run the linters fromgolang-lint.ymle. rungo run ./cmd/check_pinned_versionsfromflow/to verify pinned versions are consistent - Update Buf plugins in
buf.gen.yaml, flag if anything is more than a simple version bump - Report the summary to the user, listing all deps that needed a manual intervention. Prompt them to run the UI app locally to check for runtime errors. If there are unresolved Go dependency breaks, ask the user if they want to tackle them now or have you revert and mark as // PINNED. If downgrading:
a. Carefully discover all related dependencies and restore the last working versions of them
b. Add a // PINNED with a one-line explanantion to the dependency that broke
c. Add a // PINNED to parent dependenices with a pointer to the root cause package
d. Update the
pinnedVersionsmap inflow/cmd/check_pinned_versions/main.goto match e. Outline an up to half-paragraph description of the hurdle to the user so they can put it in a task
Related Skills
steipete/skill-creator
testing
VerifiedTrustedCommunity
Create, edit, improve, or audit AgentSkills. Use when creating a new skill from scratch or when asked to improve, review, audit, tidy up, or clean up an existing skill or SKILL.md file. Also use when editing or restructuring a skill directory (moving files to references/ or scripts/, removing stale content, validating against the AgentSkills spec). Triggers on phrases like "create a skill", "author a skill", "tidy up a skill", "improve this skill", "review the skill", "clean up the skill", "audit the skill".
356,423SKILL.mdUpdated Apr 13, 2026
steipete/healthcheck
testing
VerifiedTrustedCommunity
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
356,423SKILL.mdUpdated Apr 13, 2026
openclaw/skill-creator
testing
VerifiedTrustedCommunity
Create, edit, improve, or audit AgentSkills. Use when creating a new skill from scratch or when asked to improve, review, audit, tidy up, or clean up an existing skill or SKILL.md file. Also use when editing or restructuring a skill directory (moving files to references/ or scripts/, removing stale content, validating against the AgentSkills spec). Triggers on phrases like "create a skill", "author a skill", "tidy up a skill", "improve this skill", "review the skill", "clean up the skill", "audit the skill".
353,662SKILL.mdUpdated Apr 10, 2026
openclaw/healthcheck
testing
VerifiedTrustedCommunity
Host security hardening and risk-tolerance configuration for OpenClaw deployments. Use when a user asks for security audits, firewall/SSH/update hardening, risk posture, exposure review, OpenClaw cron scheduling for periodic checks, or version status checks on a machine running OpenClaw (laptop, workstation, Pi, VPS).
353,662SKILL.mdUpdated Apr 10, 2026