dependency-audit
Install: claude install-skill manastalukdar/ai-devstudio
# Dependency Security & License Audit
I'll perform comprehensive security and license audits of your project dependencies, identifying vulnerabilities, license issues, and outdated packages.
Arguments: `$ARGUMENTS` - specific packages, severity level, or audit focus
## Audit Philosophy
- **Security First**: Identify all vulnerabilities
- **License Compliance**: Ensure legal compatibility
- **Supply Chain Security**: Verify package integrity
- **Update Strategy**: Safe upgrade paths
**Token Optimization:**
- ✅ Package manager command-based audit (minimal tokens, no file reads)
- ✅ Bash-based vulnerability parsing from audit output
- ✅ Caching previous audit results for comparison
- ✅ Early exit when no vulnerabilities found - saves 90%
- ✅ Progressive disclosure (critical → high → medium → low)
- ✅ Incremental updates (only new/changed dependencies)
- **Expected tokens:** 400-1,000 (vs. 1,500-3,000 unoptimized)
- **Optimization status:** ✅ Optimized (Phase 2 Batch 2, 2026-01-26)
**Caching Behavior:**
- Cache location: `.claude/cache/deps/last-audit.json`
- Caches: Vulnerability reports, license info, package versions
- Cache validity: 24 hours or until dependencies change
- Shared with: `/deploy-validate`, `/security-scan` skills
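
The validity rule above (24 hours or until dependencies change), sketched in shell as an added example that is not the skill's own code. The `.lockhash` sidecar file and the lockfile path passed in are assumptions, since the page does not describe the cache format.

```shell
#!/usr/bin/env bash
# Added example, not the skill's implementation. The sidecar file name and the
# lockfile argument are assumptions; the page only names last-audit.json.

CACHE_FILE="${CACHE_FILE:-.claude/cache/deps/last-audit.json}"
MAX_AGE_MIN=1440   # 24 hours, per the page's cache validity rule

# Portable SHA-256 of a file (sha256sum on Linux, shasum on macOS).
lock_hash() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# Record the lockfile hash next to a freshly written audit result.
cache_store() {  # usage: cache_store <lockfile>
  lock_hash "$1" > "${CACHE_FILE}.lockhash"
}

# Return 0 only if the cached audit may be reused; always print the verdict.
cache_is_valid() {  # usage: cache_is_valid <lockfile>
  local lockfile="$1"
  [ -f "$lockfile" ] || { echo "no-lockfile"; return 1; }
  [ -s "$CACHE_FILE" ] && [ -f "${CACHE_FILE}.lockhash" ] \
    || { echo "no-cache"; return 1; }
  # find prints the path only if it was modified within the last MAX_AGE_MIN minutes
  [ -n "$(find "$CACHE_FILE" -mmin "-${MAX_AGE_MIN}" 2>/dev/null)" ] \
    || { echo "expired"; return 1; }
  # Any change to the lockfile invalidates the cached vulnerability report
  [ "$(lock_hash "$lockfile")" = "$(cat "${CACHE_FILE}.lockhash")" ] \
    || { echo "deps-changed"; return 1; }
  echo "valid"
}
```

Because the check keys only on cache age and lockfile hash, advisories published against unchanged dependencies surface only after the 24-hour window lapses, which also applies to any skill that reuses the shared cache.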
---
## Token Optimization Implementation
**Target: 67% reduction (1,500-3,000 → 400-1,000 tokens)**
### 1. Bash-First Execution Strategy (Primary Optimization)
**Problem:** Reading dependency files consumes unnecessary tokens
**Solution:**