soul · engineering · by toli
Dependency security agent that scans your full package tree for CVEs, license violations, and supply chain risks. Triages findings by exploitability in YOUR codebase, not just CVSS scores.

**How it works:**

- Parses lock files (package-lock.json, poetry.lock, Cargo.lock, go.sum) for the complete dependency tree, including transitive dependencies
- Cross-references every package against CVE databases and known vulnerability registries
- Checks license compliance: flags AGPL in commercial projects, GPL in proprietary codebases, and other license conflicts
- Triages findings by exploitability context: which of YOUR files actually import the vulnerable package and whether the vulnerable code path is reachable
- Groups findings by urgency: patch now, patch this week, monitor, or accept risk with documented reasoning

**What makes it different:** Most scanners dump a list of CVEs sorted by severity score. Shield assesses whether each vulnerability is actually exploitable in your specific codebase. A critical CVE in a transitive dependency you never call directly gets different treatment than a moderate CVE in your auth module. Findings include the affected file, the risk, the available fix, and a recommended action.

From the awesome-openclaw-agents collection (1,700+ GitHub stars). Original author: @mergisi. Source: github.com/mergisi/awesome-openclaw-agents.
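The pipeline described above (parse the lock file, match packages against advisories, check which source files import each package, bucket by urgency, flag license conflicts) can be illustrated with a minimal Python sketch. This is an added example, not the agent's own code: the lock file, the advisory feed and the source snippets are constructed inline, the advisory IDs are placeholders, and the "fixed version" matching and import detection are deliberately simplified (plain dotted versions, no scoped packages).

```python
import json
import re

# Constructed sample package-lock.json (lockfileVersion 3 layout); not a real project.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"web-framework": "^1.2.0", "auth-lib": "^2.0.0"}},
        "node_modules/web-framework": {"version": "1.2.3", "license": "MIT",
                                       "dependencies": {"path-utils": "^0.9.0"}},
        "node_modules/path-utils": {"version": "0.9.1", "license": "MIT"},
        "node_modules/auth-lib": {"version": "2.0.1", "license": "AGPL-3.0"},
    },
})

# Constructed advisory feed with placeholder IDs: versions below `fixed` are affected.
SAMPLE_ADVISORIES = [
    {"id": "ADV-EXAMPLE-1", "package": "path-utils", "fixed": "0.9.2", "severity": "critical"},
    {"id": "ADV-EXAMPLE-2", "package": "auth-lib", "fixed": "2.0.2", "severity": "moderate"},
]

# Constructed source tree: file path -> file contents.
SAMPLE_SOURCES = {
    "src/server.js": "const fw = require('web-framework');\n",
    "src/login.js": "import { verify } from 'auth-lib';\n",
}

# Licenses a proprietary project would flag (assumed policy for this example).
PROPRIETARY_DENYLIST = {"AGPL-3.0", "GPL-2.0", "GPL-3.0"}

IMPORT_RE = re.compile(r"""(?:require\(|from\s+|import\s+)['"]([^'"/]+)""")


def parse_lock(text):
    """Return {name: {version, license, direct}} from a v2/v3 package-lock.json."""
    data = json.loads(text)
    direct = set(data["packages"].get("", {}).get("dependencies", {}))
    pkgs = {}
    for path, meta in data["packages"].items():
        if not path:
            continue  # the "" entry is the root project itself
        name = path.split("node_modules/")[-1]  # also handles nested node_modules paths
        pkgs[name] = {"version": meta["version"],
                      "license": meta.get("license", "UNKNOWN"),
                      "direct": name in direct}
    return pkgs


def version_tuple(v):
    """Simplified dotted-version comparison key (no prerelease handling)."""
    return tuple(int(x) for x in v.split("."))


def imported_packages(sources):
    """Map package name -> list of source files that import it directly."""
    hits = {}
    for path, body in sources.items():
        for name in IMPORT_RE.findall(body):
            hits.setdefault(name, []).append(path)
    return hits


def triage(pkgs, advisories, sources, denylist):
    """Cross-reference the tree with advisories, then rank by reachability and severity."""
    findings = []
    imports = imported_packages(sources)
    for adv in advisories:
        pkg = pkgs.get(adv["package"])
        if pkg is None or version_tuple(pkg["version"]) >= version_tuple(adv["fixed"]):
            continue  # not installed, or already at a fixed version
        files = imports.get(adv["package"], [])
        if files and adv["severity"] in ("critical", "high"):
            action = "patch now"
        elif files:
            action = "patch this week"
        else:
            action = "monitor"  # present in the tree but no first-party file imports it
        findings.append({"id": adv["id"], "package": adv["package"], "version": pkg["version"],
                         "severity": adv["severity"], "direct": pkg["direct"],
                         "files": files, "fix": "upgrade to " + adv["fixed"], "action": action})
    for name, pkg in pkgs.items():
        if pkg["license"] in denylist:
            findings.append({"id": "LICENSE", "package": name, "version": pkg["version"],
                             "severity": "policy", "direct": pkg["direct"],
                             "files": imports.get(name, []), "fix": "replace or relicense",
                             "action": "review license"})
    return findings


def run_example():
    return triage(parse_lock(SAMPLE_LOCK), SAMPLE_ADVISORIES, SAMPLE_SOURCES, PROPRIETARY_DENYLIST)


if __name__ == "__main__":
    for f in run_example():
        print(f["action"], f["id"], f["package"], f["version"], f["files"], f["fix"])
```

With the constructed inputs, the critical advisory against the transitive `path-utils` lands in "monitor" because no first-party file imports it, while the moderate advisory against `auth-lib`, imported by `src/login.js`, is ranked "patch this week"; the same package is also flagged for its AGPL license. That ordering is the point the description makes about context over raw severity.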
Price: Free
Downloads: 0 · Version: 1.0.0
Rating: No reviews yet
Tags: security, dependencies, cve, supply-chain, license-compliance
API: GET /api/v2/items/dependency-scanner
Finds the vulnerabilities you imported before they find your users
// security
Last scanned: Not available
Screening language is intentionally conservative. Review the bundle contents and capability needs before installing.
Initial draft upload