Install: claude install-skill Saturate/agents
# Evaluating Dependencies
Evaluate packages before installation — across ecosystems — to make informed decisions about footprint, maintenance, alternatives, license, and security.
## Universal decision framework
Run these checks regardless of ecosystem. Tools differ; the questions don't.
```
Evaluation Progress:
- [ ] 1. Need check — do we actually need it? is it already in deps?
- [ ] 2. Alternatives — identify 2-4 options if no specific package requested
- [ ] 3. Footprint — size/impact (bundle, binary, import cost)
- [ ] 4. Maintenance — last release, release cadence, deprecation status
- [ ] 5. Security — known CVEs, audit results
- [ ] 6. License — compatible with the project
- [ ] 7. Recommend — pick one, justify briefly
- [ ] 8. Install — pinned version, correct dep category
```
### 1. Need check
Before considering *which* package, ask *whether*:
- Is it already installed? (`package.json`, `Cargo.toml`, `pyproject.toml`, `go.mod`, `*.csproj`, `Directory.Packages.props`)
- Can the stdlib do it? (`Date` in JS, `datetime` in Python, `time` in Go, `chrono` in modern Rust projects)
- Is it a one-liner we can inline?
Adding a dep is a commitment — maintenance, security surface, lock file churn. Default to no.
### 2. Alternatives
If the user gave a specific package, proceed to Step 3 with it. Mention obvious alternatives if relevant.
If the user gave a generic need ("a da