← Back to Skills

1K Pkg Upgrade Review

🌐Community
by onekeyhq · vlatest · Repository

Reviews OneKey's automated 1,000+ package upgrade proposals, flagging potential risks and optimizing cost savings.

Install on your platform

We auto-selected Claude Code based on this skill’s supported platforms.

1

Run in terminal (recommended)

terminal
claude mcp add 1k-pkg-upgrade-review npx -- -y @trustedskills/1k-pkg-upgrade-review
2

Or manually add to ~/.claude/settings.json

~/.claude/settings.json
{
  "mcpServers": {
    "1k-pkg-upgrade-review": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/1k-pkg-upgrade-review"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill scans a monorepo containing over 1,000 packages to identify outdated dependencies. It automatically generates upgrade plans and executes version bumps across the entire codebase to maintain security and compatibility.

When to use it

  • You need to audit a large-scale monorepo for deprecated or vulnerable library versions.
  • Your development team requires an automated workflow to keep thousands of packages synchronized with latest stable releases.
  • You want to reduce manual effort in reviewing changelogs before applying dependency updates.
  • You are preparing for a major release and need to ensure all internal packages are up-to-date.

Key capabilities

  • Scans monorepos with 1,000+ packages efficiently.
  • Identifies outdated dependencies automatically.
  • Generates comprehensive upgrade plans.
  • Executes version bumps across the entire repository.

Example prompts

  • "Run a full dependency audit on my app-monorepo and list all packages needing updates."
  • "Generate an upgrade plan for all outdated libraries in the 1k-pkg-upgrade-review scope."
  • "Execute the generated upgrade plan to bump versions of identified dependencies."

Tips & gotchas

Ensure your monorepo structure is properly configured before running the skill, as it relies on specific directory layouts to function correctly. Always review the generated upgrade plans in a staging environment before applying changes to production systems to prevent potential breaking changes.

View Repository →

Tags

🛡️

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

Gen Agent Trust HubPass
SocketPass
SnykPass

Details

Version
vlatest
License
Author
onekeyhq
Installs
29
Repository (canonical source) →

🌐 Community

Passed automated security scans.