name: dependency-risk-audit description: Audit dependencies for licensing, security, and maintenance risk. Use when a senior developer needs risk assessment.
Dependency Risk Audit
Purpose
Audit dependencies for licensing, security, and maintenance risk.
Inputs to request
- Dependency list and versions.
- License policies and security requirements.
- Criticality of each dependency.
Workflow
- Inventory dependencies and ownership status.
- Check licenses and known vulnerabilities.
- Recommend replacements or mitigation plans.
Output
- Dependency risk report with priorities.
Quality bar
- Highlight unmaintained or high-risk packages.
- Include upgrade or replacement paths.