akshayrao14
UserClaude Code / Codex / Cursor Agent Skill: defensive Dependabot triage with lockfile parity & exposure mapping. Plus team git workflow scripts (releases, PR helpers, branch resets).
Categories
Indexed Skills (3)
dependabot-triage-py
Triage and fix Dependabot vulnerability alerts in Python repos (pip, poetry, uv, pdm, pipenv). v2.1 workflow with Standard (defensive) and Fast-Track (low-risk) modes — defensive minimal-patched versioning (PEP 440 ranges), exposure mapping (Public/API · Internal/Dev), CI workflow inspection to detect every PM in play, mandatory lockfile parity check across every PM that touches pyproject.toml / requirements*.txt, changelog scrape with BREAKING/DEPRECATED/MIGRATION flagging, and safety interlock before applying bumps. Fast-Track mode skips changelog + detailed exposure for Internal/Dev or CVSS<7 alerts, but parity check + dual-write are non-negotiable. Use when the user shares a Dependabot URL for a Python repo, asks to fix CVEs in a Python project, or asks which Python vulnerability to pick first.
dependabot-triage
Triage and fix Dependabot vulnerability alerts in JavaScript/TypeScript repos (Node.js services AND browser frontends). v2.1 workflow with Standard (defensive) and Fast-Track (low-risk) modes — defensive minimal-patched versioning, exposure mapping (Public/API · Client-Bundle · Internal/Dev), CI workflow inspection to detect every PM in play, mandatory lockfile parity check across every PM that touches package.json, changelog scrape with BREAKING/DEPRECATED/MIGRATION flagging, and safety interlock before applying bumps. Fast-Track mode skips changelog + detailed exposure for Internal/Dev or CVSS<7 alerts, but parity check + dual-write are non-negotiable. Covers npm, pnpm, yarn, bun lockfiles. Use when the user shares a Dependabot URL, asks to fix CVEs, or asks which vulnerability to pick first.
session-loop
Multi-day project pause/resume toolkit for agent-assisted work. Provides a coherent set of sub-flows for ending a session safely (`/session-wrap`), rehydrating context at the start of the next session (`/session-catchup`), light mid-session saves (`/session-checkpoint`), reality-vs-ledger drift checks (`/session-drift`), append-only decision logging (`/session-decide`), unresolved-thread scans (`/session-open-loops`), and pre-compaction state persistence (`/session-compact-check`). Operates over a shared artifact contract — `NEXT_SESSION.md` for ephemeral handoff state, `DECISIONS.md` (or an existing ledger) for append-only ADRs, and `UPDATES.md` for dated narrative. Use when the user says "let's stop here", "wrap up", "pick up where we left off", "what was I doing", "before I touch X, check the world", "log this decision", "what's left open", or invokes any of the slash commands above. Designed for projects that span days or weeks where session boundaries are real and context is expensive to rebuild from scr
Bio shown is the top-scored skill's repo description as a fallback — real GitHub bios land in a future update.