Dependency Check Plugin

STRONG · 77
Community indexed

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Downloads0
Stars140
Version1.0.0
Quality79/100 · Strong
Trust77/100 · Review then install
Audit86/100 · Safe to try

Supply asset profile

Coding and developer agents

Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills.

Browse track

Scenario

GitHub automation

I need my agent to triage GitHub issues, review pull requests, and summarize repository changes.

Agent fit

Claude Code + CLI + Codex

Codex, Claude Code, Cursor, CLI, or custom agents.

Install

Ready

npx skills add jenkinsci/dependency-check-plugin

Maintenance

fresh

30d since push

Risk

Safe to try

Quality score needs review

GitHub quality

140

79/100 quality · 82/100 trust

Coverage tags

CodingGitHub automationdevopsautomationappsec

Review notes

Quality score needs review

Agent adoption scorecard

Trust, audit, and install readiness at a glance

These scores combine public repository metadata, OpenAgentSkill review signals, maintenance freshness, and install readiness. They are a shortlist signal, not a replacement for human review.

Quality

Strong
79

Solid option that is likely worth shortlisting for production workflows.

Trust

Review then install
77

Good shortlist signal, but the agent should review audit notes, install policy, and outcome evidence before running it.

Audit

Safe to try
86

Install readiness, security metadata, maintenance, and adoption risk.

Trust Score v5

Human review before install

Use as the primary candidate after human or sandbox review.

JavaDevOpsCodexClaude CodeCursor

Stars

140 GitHub stars

Repo activity

140 stars, 74 forks

Maintenance

30d since push

License

Apache-2.0

Install

npx skills add jenkinsci/dependency-check-plugin

Install safety

standard package or runtime install path

Permission surface

filesystem or document access

Agent outcomes

No agent outcome data yet

Docs

Strong README/SKILL.md context

Risk summary

Low metadata risk

  • Quality score needs review

Install readiness

Install path available

  • Install path is available
  • Repository evidence is available
  • License is declared
  • No Agent Proven outcome evidence yet

Agent-readable metadata

Machine-readable decision data for this skill.

Use this block or the embedded JSON to decide whether an agent should install this skill, choose an alternative, or ask for human review first.

Open JSON

Suited tasks

  • GitHub automation workflows
  • Claude Code teams
  • builders willing to evaluate younger projects
  • Inspect repository metadata

Suited agents

JavaDevOpsCodexClaude CodeCursorOpenAgentSkill CLICLI

Install decision

Command
npx skills add jenkinsci/dependency-check-plugin
Policy
review
Human review
yes

Trust and risk

Trust
77/100
Audit
86/100
Risk level
Safe to try

Outcome loop

Endpoint
/api/agent/outcome
Event ID
resolve
Outcomes
5

Install command

npx skills add jenkinsci/dependency-check-plugin

Do not use when

  • teams that need a vendor-supported SLA
  • high-compliance environments without internal security review
  • No OpenAgentSkill engagement data yet
  • Quality score needs review
  • Production credentials, payments, or irreversible account changes without explicit human review

Agent safety v2

70/100 · Review before install

Reviewedreview

Good audit and safety signals with no high-risk permission hints in public metadata.

Review the audit page, then allow agent install in a sandboxed workflow.

Resolve via API

medium

Network access

Skill likely fetches remote pages, APIs, repositories, or external services.

medium

Filesystem access

Skill may read or write project files, documents, generated artifacts, or local workspace state.

  • Quality score needs review

Install targets

Install this skill in your agent workflow

Copy the registry command or an agent-specific install prompt for Codex, Claude Code, and Cursor.

skill install

OpenAgentSkill CLI

Use the registry command when your workflow supports the OpenAgentSkill installer.

$ npx skills add jenkinsci/dependency-check-plugin

Agent resolve plan

Let an agent verify fit before installing.

The Resolve API returns the selected skill, alternatives, safety policy, audit notes, install target, and copy-paste prompt an agent can follow without scraping this page.

Open text plan

Agent should check

  • Task fit and alternatives from Resolve API.
  • Audit score, trust score, and safety policy warnings.
  • Install target compatibility for Codex, Claude Code, Cursor, or CLI.

Copy prompt

Task: Use Dependency Check Plugin in this workspace.
Resolve first: https://www.openagentskill.com/api/agent/resolve?task=Use%20Dependency%20Check%20Plugin%20for%20an%20agent%20workflow&agent=codex&max_risk=medium
Review install handoff: https://www.openagentskill.com/api/skills/jenkinsci-dependency-check-plugin/install
Install command: npx skills add jenkinsci/dependency-check-plugin
Before running it, summarize audit warnings, required permissions, and the fallback skill if install is risky.

Agent handoff

Give an agent the install path, not another directory page.

Use the public install endpoint to fetch the command, safety checklist, target prompts, and canonical links for this skill.

Open install API

Agent prompt

Use Dependency Check Plugin for this task. Review https://www.openagentskill.com/api/skills/jenkinsci-dependency-check-plugin/install, then install with: npx skills add jenkinsci/dependency-check-plugin

Registry metadata

Agent-readable profile for automatic skill selection.

This page exposes the same decision, trust, audit, use-case, and install signals through the Registry API, so agents can rank this skill without scraping the UI.

Open manifest

Agent fit

78/100

GitHub automation

Platforms

Java, DevOps, Claude Code

Audit report

Safe to try · 86/100

Review install readiness, maintenance, trust, quality, and metadata warnings before adding this skill to an agent workflow.

View audit reportView eval report

Agent decision cockpit

Companion skill for GitHub automation

Shortlist this skill and compare it with close alternatives before production adoption.

78
Readiness
Shortlist
Stage

Role in stack

Companion skill

Primary fit

GitHub automation

Trust label

Strong shortlist

Install path

Command ready

Use when

  • GitHub automation workflows
  • Claude Code teams
  • builders willing to evaluate younger projects

Evidence

  • recent repository activity
  • install command or GitHub repo available
  • 79/100 quality profile

Review first

  • No OpenAgentSkill engagement data yet

Implementation path

  1. 1Install it in a sandbox agent and run one GitHub automation task end to end.
  2. 2Compare output quality, latency, and failure behavior against at least one alternative.
  3. 3Promote it into production only after reviewing repository permissions, license, and maintenance signals.

Trust profile

Review then install

Good shortlist signal, but the agent should review audit notes, install policy, and outcome evidence before running it.

77
Trust score

GitHub adoption

INFO

140 GitHub stars

Stars/forks activity

INFO

140 stars, 74 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

30d since push

License clarity

PASS

Apache-2.0

Good signals

  • AI review approved
  • Install path is available
  • Repository evidence is available
  • Recently maintained repository
  • Install command has no obvious high-risk pattern
  • Outcome loop is ready but needs first real agent run

Review before install

  • Quality score needs review
  • No real agent outcome reports yet
  • Human review required before unattended installation

Recommended action

Use as the primary candidate after human or sandbox review.

Quality profile

Strong candidate for agent workflows

Solid option that is likely worth shortlisting for production workflows.

79
GitHub stars
140
Freshness
30d ago
Install ready
Yes
License
Apache-2.0

Workflow fit

Use this skill in these scenarios

Stack fit

Add it to a complete workflow

Alternative shortlist

Compare before you install

Similar skills in this category, ranked with the same readiness and quality signals.

Compare all

Overview

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Imported by the skill-only GitHub discovery pipeline because it matches agent skill, automation, domain workflow, RAG, document-processing, data, finance, security, or developer-tool signals. Protocol-server projects are excluded from automated imports.

Platform Compatibility

javaFULL
devopsFULL

Technical Details

Version
1.0.0
License
Apache-2.0
Last Updated
6/21/2026
Published
6/21/2026

Frameworks & Tools

JavaDevOps

Decision snapshot

Companion skill

78
Ready
Shortlist
Stage

recent repository activity

Audit snapshot

Install review

Install and adoption review

86
Safe to try
Security
88/100
Maintenance
100/100
Install
92/100
Open full auditOpen eval report

Agent-proven evidence

Agent Proven evidence

Outcome reports after resolve, review, install, and one narrow run.

0
Proven
Needs first agent runAuto-install: review firstLast: Unknown
Success rate
Recent failure
Outcomes
0
Output quality
Failed
0
Not relevant
0
Installs
0
Risk blocked
0
Setup needed
0
Production
0

No agent outcome data yet. The first agent run can report success, setup needs, risk blocks, failure, or not-relevant through /api/agent/outcome.

Install

Add to agent workflow

Free and open source. Review the audit before production use.

Growth loop

Share kit

X

Scenario-led draft for Dependency Check Plugin, ready for a manual X post.

Curator note
A good workflow skill turns repeated manual steps into something an agent can safely replay.

Dependency Check Plugin helps agents move a repeatable workflow out of manual copy-...

140 stars

https://www.openagentskill.com/skills/jenkinsci-dependency-check-plugin?ref=x
#AIAgents
Open X draft
Optional reply with install command
Listing + install path for Dependency Check Plugin:
https://www.openagentskill.com/skills/jenkinsci-dependency-check-plugin?ref=x

Install: npx skills add jenkinsci/dependency-check-plugin

Listing source

Community indexed

Claimable

This listing was indexed from public sources and is not marked official until a maintainer claim is approved.

Creator
jenkinsci
Indexed by
OpenAgentSkill community index

Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals.

Claim this skill

Owner claim

Claim this skill listing

This community indexed listing is attributed to jenkinsci but is not marked official yet. Claim it to add a verified owner signal and make future launch, install, and audit updates easier to trust.

README badge

Add this badge to your GitHub README to show the listing, trust score, and install handoff.

[![OpenAgentSkill](https://www.openagentskill.com/api/badge/jenkinsci-dependency-check-plugin)](https://www.openagentskill.com/skills/jenkinsci-dependency-check-plugin)

Author

J

jenkinsci

@jenkinsci

Platform Fit

Health Signals

GitHub stars
140
Quality score
49/100
Last GitHub push
Jun 2, 2026
Framework hints
2
OpenAgentSkill views
0
Install copies
0
Outbound clicks
0

Community Signal

Share whether this skill looks useful for your agent workflow. Aggregated feedback improves rankings over time.

Trust & Safety

Review then install

77
  • GitHub adoption140 GitHub starsINFO
  • Stars/forks activity140 stars, 74 forks; issue activity unavailable in current metadataINFO
  • Recent maintenance30d since pushPASS
  • License clarityApache-2.0PASS
  • README/SKILL.md completenessMetadata includes enough usage and workflow contextPASS
  • Dependency/runtime riskno major dependency risk hints in public metadataPASS