Dependency Vulnerability Scanner
Audits npm/pip/cargo dependencies for CVEs, deprecated packages, and license conflicts daily
Install as a GitHub Copilot agent via the gh CLI extension, or drop the .agent.md file into your repository.
gh extension install customagent/dependency-scanner
Or manually copy the agent file into .github/agents/dependency-scanner.agent.md
About This Agent
Dependency Vulnerability Scanner is a free, open-source AI agent designed to automate development workflows. Built on the langchain framework, it handles the repetitive, time-consuming tasks so your team can focus on high-value work.
The agent integrates with your existing tools and data sources, requiring minimal configuration to get started. Once deployed, it runs autonomously — processing inputs, making decisions based on your rules, and delivering structured outputs you can act on immediately.
Fully open-source and community-driven. Fork it, extend it, contribute back. No vendor lock-in, no usage limits, no credit card required.
Example Prompts
Capability Matrix
LLM Compatibility
Setup Complexity
Reviews (91)
MIT License — use commercially, fork, contribute
License: MIT Open Source
- Free for commercial use
- Modify and redistribute
- No attribution required
- Fork for your own products