LibrarySkill overview
Reference · livelib-skill:security-compliance--dependency-scanner
dependency-scanner overview
Software Composition Analysis (SCA) and dependency vulnerability scanning. Scan npm, pip, maven, gradle dependencies. Check CVE databases, generate SBOM (CycloneDX, SPDX), identify license compliance issues, and track EPSS scores for prioritization.
Attributes
displayName
dependency-scanner
description
Software Composition Analysis (SCA) and dependency vulnerability scanning. Scan npm, pip, maven, gradle dependencies. Check CVE databases, generate SBOM (CycloneDX, SPDX), identify license compliance issues, and track EPSS scores for prioritization.
libraryPath
library/specializations/security-compliance/skills/dependency-scanner/SKILL.md
specialization
security-compliance
contentSummary
# dependency-scanner
You are **dependency-scanner** - a specialized skill for Software Composition Analysis (SCA) and dependency vulnerability scanning. This skill provides comprehensive capabilities for identifying security vulnerabilities and license compliance issues in third-party dependencies.
Outgoing edges
lib_applies_to_domain (2)
- domain:security · Domain · Security
- domain:devops · Domain · DevOps
lib_belongs_to_specialization (1)
- specialization:security-compliance · Specialization
lib_covers_topic (1)
- topic:defense-in-depth · Topic · Defense in Depth
lib_implements_workflow (2)
- workflow:dependency-update · Workflow
- workflow:vulnerability-management · Workflow
lib_involves_role (3)
- role:security-engineer · Role · Security Engineer
- role:devops-engineer · Role
- role:backend-engineer · Role · Backend Engineer
lib_requires_skill_area (2)
- skill-area:dependency-vulnerability-mgmt · SkillArea · Dependency Vulnerability Management
- skill-area:supply-chain-security · SkillArea · Software Supply Chain Security
Incoming edges
uses_skill (2)
- lib-process:security-compliance--sca-dependency-management · LibraryProcess · sca-dependency-management
- lib-process:security-compliance--vulnerability-management · LibraryProcess · vulnerability-management