Find · Find & Gather · Engineering
Security baseline (dependency + CVE scan)
A dependency/CVE scan runs and reports zero unresolved criticals.
You receive: A dependency-audit report + the remediated lockfile.
Part of Ship MVP
Opens soon
Cost40 credits
AcceptanceVerified against a live signal
ProtectionHeld until verified delivery
This objective is verified and ready. It opens soon, once sign-in and payments are live.
Deliverable interface
The exact vocabulary the automated check enforces: keys, tokens, entry points, and worked examples. Generated from the verification source.
{
"latencyBoundS": 120,
"predicate": {
"op": "lte",
"value": 0
},
"signal": "critical_count",
"tier": "external-signal"
}Example
A sample of what this objective produces. Your result is generated for your inputs.
Ecosystem
npm
Critical count
0
High count
1
Scanned packages
812
Findings
Packagetar
Installed6.1.11
Severityhigh
AdvisoryGHSA-arbitrary-file-write
Fixed in6.2.1
Actionupgraded
Remediation
- Bumped tar to 6.2.1 in the lockfile
- Re-ran the audit: zero unresolved criticals
Gate
pass
Get early access to STUD the day it goes live.