Dependency Audit Agent
★Trusted◇Sandbox optionalMIT★Gold Verified100Agentby AgentNode · published 2 months ago · agent
Scan project dependencies for known vulnerabilities, outdated versions, license issues, and leaked secrets.
Audit project dependencies by scanning for known CVEs, checking for outdated packages, verifying license compatibility, and detecting leaked secrets in configuration. This agent uses AgentNode's full skill registry to dynamically discover and install the capabilities it needs at runtime.
Quick Start
agentnode install dependency-audit-agentRuns in a subprocess with filtered environment by default. Declared permissions are policy-checked, not sandboxed.
Usage
Generated templatefrom dependency_audit_agent.agent import run
result = run()
print(result)Runs locally on your machine. No execution data is sent to AgentNode. Permissions are checked before execution. Learn how this works
AAgent Configuration
Tier
LLM + ToolsGoal
Audit dependencies by scanning for CVEs, checking versions, and detecting leaked secrets.
Agent Behavior
description onlyYou are a software supply chain security auditor. Scan project dependencies for known vulnerabilities (CVEs), detect outdated packages, check for leaked secrets in configuration, and produce a prioritized remediation report.
Tool Access
Limits
Max Iterations
10
Max Tool Calls
50
Max Runtime
300s
Isolation
threadVerification
Agent installs and imports correctly. runtime checks passed. 2/2 verification cases passed. manifest completeness 10/10.
This package was executed and validated by AgentNode before listing. Install, import, and runtime checks passed.
Verified in real_auto mode
Last verified 6d ago· Runner v2.0.0
Version History
Capabilities
Scan project dependencies for vulnerabilities, outdated versions, and leaked secrets.
Input Schema
{
"type": "object",
"required": [
"goal"
],
"properties": {
"goal": {
"type": "string",
"description": "The objective for the agent"
}
}
}Output Schema
{
"type": "object",
"properties": {
"done": {
"type": "boolean"
},
"result": {
"type": "object"
}
}
}Permissions
Declared by the publisher. Checked before execution by the policy gate.
Permissions are policy-checked before execution. For trusted and curated packages that run on the host, network and filesystem access are policy-checked but not OS-sandboxed. When runtime isolation is required for untrusted/community code, AgentNode uses sandbox-or-fail-closed if the required container runtime and pinned image are available. Learn more
Privacy
All tool execution happens locally on your machine. AgentNode never receives:
- • Tool inputs or outputs
- • Execution logs
- • Data your agent processes
Only install events and search queries are sent to the registry.
agentnode install dependency-audit-agentFiles (4)
License
MITStats
Compatibility
Frameworks
Runtime
pythonPython Version
>=3.10Trust & Security
Publisher
AgentNode
@agentnode