security-dependency-scanning

What problem does it solve?

This Skill automatically identifies outdated libraries, known vulnerabilities (CVEs), and insecure configurations in deployed websites, preventing manual, time-consuming checks and mitigating supply chain risks.

Core Features & Use Cases

• Dependency Detection: Identifies frontend libraries, frameworks, and CMS platforms with their versions from live websites.
• CVE Identification: Cross-references detected versions with known vulnerabilities and CVSS scores for immediate risk assessment.
• Security Header Audit: Checks for critical HTTP security headers like Content-Security-Policy (CSP), HSTS, and X-Frame-Options.
• Use Case: Scan your live website to detect if any JavaScript libraries have known CVEs and generate a prioritized report with upgrade recommendations, all without manual effort, ensuring your site uses secure, up-to-date components.

Quick Start

Use the security-dependency-scanning skill to audit the website 'https://example.com' for outdated libraries and missing security headers.