Skill Detail

CircleCI Orb Dependency Scanner

Scans CircleCI config.yml for outdated orb versions using the CircleCI Orbs Registry API. Reports CVEs linked to orb dependencies via Snyk vulnerability database lookups.

CI/CD IntegrationsClaude Code

CI/CD Integrations Claude Code Security Reviewed

Tool match: circleci ⭐ 843 GitHub stars

INSTALL WITH ANY AGENT

npx skills add agentskillexchange/skills --skill circleci-orb-dependency-scanner-4 Copy

Works best when you want a reusable capability, not another fragile one-off prompt.

View source

At a glance

Last updated

Mar 20, 2026

Quick brief

The CircleCI Orb Dependency Scanner skill provides automated security and freshness auditing for CircleCI pipeline configurations. It parses your config.yml to extract all orb references and queries the CircleCI Orbs Registry API to check for newer versions and deprecation notices.

How it works

What this skill actually does

For each orb dependency, the skill cross-references known vulnerabilities using the Snyk REST API vulnerability database. It generates a detailed report showing which orbs have pending updates, which contain known CVEs, and the severity ratings from the National Vulnerability Database.

The skill supports both public and private orbs, authenticating via CircleCI personal API tokens. It can be configured to run on schedule and produce SARIF-format output compatible with GitHub Advanced Security code scanning.

Additional features include automatic pull request creation for safe orb version bumps using the CircleCI API v2 pipeline trigger endpoint. The skill maintains a local cache of orb metadata to minimize API calls during repeated scans.

Best fit

When to reach for it

Best when the job fits CI/CD Integrations.
Works naturally with Claude Code setups.

Trust & provenance

Why this listing is credible

Built around the circleci toolchain.
Trust status: Security Reviewed.
843 GitHub stars on the linked upstream source.
Last updated Mar 20, 2026.

View source ↗