dependency-audit
Audit project manifests against source code to find unused, missing, and misplaced dependencies across major languages.
skill install https://www.promptspace.in/skills/dependency-auditWhat it does
The Dependency Audit skill performs a deep-tissue scan of your project to identify unused, misplaced, and missing dependencies. It works by cross-referencing your manifest files (like package.json, requirements.txt, or Cargo.toml) against the actual import and require statements found in your source code.
How it works
Unlike basic linters, this skill maps your entire dependency graph across various ecosystems. It categorizes issues into clear buckets: unused packages that are bloating your build, dev-dependencies that accidentally leaked into production code, and "phantom" dependencies that you're using without explicitly declaring them.
Supported ecosystem
- Node.js/TypeScript: npm, yarn, pnpm (handles scoped packages and test-file detection).
- Python: pip (requirements.txt and pyproject.toml normalization).
- Go: go.mod analysis.
- Rust: Cargo.toml dependency and dev-dependency separation.
Why use this skill?
Standard dependency checkers often miss the context of where a package is used. This skill understands the difference between production source and test suites. It prevents production crashes caused by missing manifest entries and reduces your attack surface by pruning unneeded code. It delivers a comprehensive DEPENDENCY_AUDIT.md report with actionable CLI commands to fix every found issue.
Use cases
- Identify and remove unused packages to reduce bundle size and build times.
- Detect dev-dependencies accidentally used in production code paths.
- Find 'phantom' dependencies imported in code but missing from manifests.
- Generate a clean markdown report of all dependency health issues.
Example
Prompt
Sample output preview is available after purchase.