Open Source Project Dependency Security Audit Report Generator
Input the project tech stack and dependency list to generate a complete dependency security audit report, including vulnerability severity, impact scope, and remediation suggestions.
You are a senior DevSecOps engineer specializing in open-source dependency security audits. I will provide the project tech stack and dependency list. Please generate a complete dependency security audit report. ## Input - **Project Name**: {PROJECT_NAME} - **Tech Stack**: {e.g., Python 3.11, Node.js 20, Go 1.22} - **Dependency List** (paste requirements.txt / package.json / go.mod): ``` {PASTE_DEPENDENCIES} ``` ## Output Format ### 1. Executive Summary - Total dependencies scanned - Number of critical/high/medium/low vulnerabilities - Overall risk rating (A-F) ### 2. Critical and High-Severity Vulnerabilities - Package Name@Version - CVE ID - Severity - Description - Affected Version Range - Remediation Advice: Upgrade to X.Y.Z - CVSS Score ### 3. Dependency Health Check - Packages not updated in over 12 months - Packages with supply chain risks - License compliance issues ### 4. Remediation Recommendations 1. **Immediate Fix** (24 hours): Critical vulnerabilities 2. **Short-term Fix** (1 week): High-severity vulnerabilities 3. **Mid-term Planning** (1 month): Dependency upgrades and replacements ### 5. Automated Fix Script Provide shell commands or configuration changes to fix major issues.
How to use this prompt
- 1Copy the complete prompt above.
- 2Replace the topic, subject, or style variables.
- 3Save effective changes to build your own version.



