name: angular-deps-audit description: Audit Angular dependency drift, security exposure, and CI impact without mutating files; produce deterministic upgrade planning output. triggers: - "audit Angular dependencies" - "check outdated Angular packages" - "security review for Angular deps" inputs: - "mode flag: --dry-run | --verify-only (default: --dry-run)" outputs: - "audit report with outdated/security/compatibility data" safety: - "execute mode disabled intentionally to prevent accidental mutations" - "read-only commands only" commands: - "skills/angular-deps-audit/scripts/run.sh --dry-run"

When to use / when NOT to use

•Use for dependency drift visibility, security notes, and CI-change planning.
•Do not use as a replacement for full upgrade execution.

Preconditions (tools, versions, repo state)

•package.json present.
•Matching package manager installed.

Workflow (DISCOVER → PLAN → EXECUTE → VERIFY → REPORT)

•DISCOVER: detect manager and Angular package baselines.
•PLAN: define audit scope.
•EXECUTE: intentionally blocked for safety.
•VERIFY: run outdated/audit commands and compatibility scan.
•REPORT: produce planning-ready summary.

Exact commands and expected signals

bash

skills/angular-deps-audit/scripts/run.sh --dry-run
skills/angular-deps-audit/scripts/run.sh --verify-only --ci

Success: report contains package manager, outdated list, audit output, and CI file hints. Failure: missing package.json or package manager tool.

If it fails (checklist)

•Install/activate expected package manager.
•Ensure lockfile matches package manager.
•Re-run with --verbose for command-level logs.

Final report template

•Repo/tooling detected.
•Outdated packages snapshot.
•Security/audit signals.
•CI impact notes.
•Recommended next upgrade PR slices.