An AI coding agent skill that provides a structured, repeatable process for upgrading project dependencies.
Instead of running npm update and hoping for the best, this skill guides your AI agent through a risk-tiered approach: assess everything first, present a summary, get your approval, then execute tier-by-tier with testing and rollback safety at each step.
- Assesses all outdated deps and classifies them by risk (patch / minor / major)
- Presents a summary table with prod/dev markers and security flags
- Asks which tiers you want to upgrade before touching anything
- Executes with caution proportional to risk — patches batched, minors one-by-one, majors isolated with changelog review
- Verifies with full test suite, type check, and production build after each tier
Supports npm, Yarn (Classic + Berry), pnpm, and bun.
The skill is a markdown file with YAML frontmatter — compatible with any AI coding agent that supports instruction/skill files.
mkdir -p ~/.claude/skills/dependency-upgrade
cp skills/dependency-upgrade/SKILL.md ~/.claude/skills/dependency-upgrade/mkdir -p ~/.agents/skills/dependency-upgrade
cp skills/dependency-upgrade/SKILL.md ~/.agents/skills/dependency-upgrade/Copy skills/dependency-upgrade/SKILL.md into wherever your agent reads custom instructions or skill files. The file is self-contained markdown — no dependencies on any specific agent runtime.
Once installed, your agent will automatically detect the skill when you ask about dependency upgrades. Try:
- "Upgrade the outdated dependencies in this project"
- "Check for vulnerable packages"
- "Update my deps"
The skill also nudges proactively if it notices audit warnings or deprecation notices during other work.
The skill references these companion skills from the superpowers plugin. They're not required — the dependency-upgrade skill works standalone.
verification-before-completion— verify after each tiersystematic-debugging— when test failures are non-obviousfinishing-a-development-branch— if upgrades are on a separate branch
MIT