Can't my agent just do this?

Honestly: partly, yes. What a one-shot agent run can and can't replace about a continuously recomputed dependency-intelligence layer — and why the division of labor is the architecture, not a compromise.

Short answer: a capable coding agent with a good skill file can parse your lockfile, query the package registries, check the OSV database, and produce a respectable one-off dependency audit. We know, because we wrote that skill file — three of them — and we give them away. They run 118–158 lines each, because the job is bigger than it looks once you handle blocked fixes, malicious-package advisories, and the cases where no fixed version exists.

So this page isn't going to tell you an agent can't do it. It's going to be precise about what a one-shot run is — and what it structurally can't be.

What the DIY run gets right

Give your agent a lockfile and a playbook and, in one session, it can:

  • resolve your pinned versions and look up the latest releases;
  • query OSV/GHSA for advisories affecting those pins;
  • read changelogs for the handful of packages you ask about;
  • open the upgrade PR and run your tests.

That is real value, available today, for the cost of the tokens. If that's all you need, take our skills and go — they work as plain markdown playbooks even without an account.

What a one-shot run can't be

Continuous

An agent run is a snapshot. The advisory that drops Tuesday night, the major release that lands while you're on vacation, the package that gets withdrawn as malware — a session-based audit sees them only if someone happens to start a session. DevUpdate.io's advisory sweep recomputes every monitored pin against OSV/GHSA daily, and digests and alerts reach you between sessions, not just during them.

Economical

The DIY run pays full price every time: for each audit, the agent re-queries every registry, re-reads every changelog, and re-derives every conclusion — multiplied by every developer who runs it, every repo, every time, against GitHub API rate limits. DevUpdate.io computes release intelligence once per release and shares it across every user who tracks that dependency. The thousandth person to track a popular package costs almost nothing — and that economics is exactly why a precomputed layer can afford depth (full diff analysis per release) that a per-run budget never will.

Diff-grounded

Release notes are marketing; the diff is the truth. DevUpdate.io reads the actual code diff between GitHub release versions to catch undocumented breaking changes and feed the risk score. An agent could fetch and read diffs too — for one package, in one session, against the same rate limits and context budget as the rest of its work. Doing it for every release of every dependency you use is a batch job, not a chat turn. We run that batch job so the result is already there when your agent asks.

Stateful

An audit you re-derive from scratch each time has no memory: no record of which upgrades you dismissed and why, no fix-status lifecycle for issues that have no fix yet, no notion of "this was vulnerable last week and still is." DevUpdate.io keeps that state bound to your lockfile — security issues stay visible until they're actually resolved (there is deliberately no "mark as read"), and dismissed upgrades stay dismissed until the next version ships.

Verifiable

Data an agent can't verify gets re-derived or discarded — we've watched it happen in real transcripts. So every strong claim ships with its receipts: security flags carry the OSV/GHSA advisory IDs checked against your exact pin (the same database npm audit reads), offered versions are validated against the package's own registry, and blocked upgrades name the exact parent constraint. A DIY run has to build that evidence trail itself; ours arrives with one attached.
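As an added illustration (not DevUpdate.io's code or one of its skill files), the following Python sketches the one-shot audit described above, checking exact pins against OSV-style "introduced"/"fixed" range events and recording the pin as the receipt, then the state-carrying step a fresh run lacks: issues stay open until a run stops reporting them, and an advisory with no fixed version is reported rather than dropped. Package names, advisory ids and versions are constructed placeholders, and version comparison handles numeric dotted versions only.

```python
# Constructed lockfile pins (name -> exact version), standing in for a parsed lockfile.
PINS = {"pkg-a": "4.17.20", "pkg-b": "1.2.5", "pkg-c": "1.3.0"}
# Constructed advisories shaped like OSV range events ("introduced" opens a vulnerable
# range, "fixed" closes it); ids and versions are placeholders, not real advisory data.
ADVISORIES = [
    {"id": "ADV-EXAMPLE-0001", "package": "pkg-a",
     "events": [{"introduced": "0"}, {"fixed": "4.17.21"}]},
    {"id": "ADV-EXAMPLE-0002", "package": "pkg-b",
     "events": [{"introduced": "0"}, {"fixed": "1.2.6"}]},
    {"id": "ADV-EXAMPLE-0003", "package": "pkg-c",
     "events": [{"introduced": "1.0.0"}]},  # vulnerable, but no fixed version exists yet
]
def parse_version(v: str) -> tuple:
    # Numeric dotted versions only; a real audit needs a full semver parser.
    return tuple(int(p) for p in v.split("."))
def is_affected(version: str, events: list) -> bool:
    # Walk the ordered events: affected once "introduced" is reached, cleared at "fixed".
    v, affected = parse_version(version), False
    for event in events:
        if "introduced" in event and v >= parse_version(event["introduced"]):
            affected = True
        elif "fixed" in event and v >= parse_version(event["fixed"]):
            affected = False
    return affected
def fixed_version(version: str, events: list):
    # Smallest "fixed" release above the pin, or None when no fix has shipped.
    fixes = [e["fixed"] for e in events
             if "fixed" in e and parse_version(e["fixed"]) > parse_version(version)]
    return min(fixes, key=parse_version) if fixes else None
def audit(pins: dict, advisories: list) -> dict:
    # One-shot audit: advisory id -> finding, recording the exact pin that was checked.
    findings = {}
    for adv in advisories:
        pin = pins.get(adv["package"])
        if pin and is_affected(pin, adv["events"]):
            findings[adv["id"]] = {"package": adv["package"], "pin": pin,
                                   "fixed_in": fixed_version(pin, adv["events"])}
    return findings
def carry_state(previous: dict, current: dict, today: str) -> dict:
    # The memory a fresh run lacks: an issue stays open until a run stops reporting it
    # (no "mark as read"), and first_seen survives so "still vulnerable" is visible.
    state = {}
    for adv_id, finding in current.items():
        first_seen = previous.get(adv_id, {}).get("first_seen", today)
        state[adv_id] = {**finding, "status": "open", "first_seen": first_seen}
    for adv_id, prior in previous.items():
        if adv_id not in current and prior["status"] == "open":
            state[adv_id] = {**prior, "status": "resolved", "resolved_on": today}
    return state
```

Running `carry_state` over two consecutive audits shows the difference: bumping pkg-a to 4.17.21 flips its advisory to resolved, while the fix-less pkg-c advisory keeps its original first_seen date.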

The division of labor

This is the architecture, not a fallback:

  • Your agent owns your code. It has the working tree, the tests, and the context. When an advisory names a vulnerable API, the agent greps your code to confirm exposure — locally. We never see your source; we never even keep your lockfile.
  • DevUpdate.io owns dependency truth. What shipped, what broke, what's vulnerable, what has no fix, and what the maintainer says to do about it — precomputed, cross-ecosystem, receipts attached.
  • The MCP server and skills are the interface between the two.

The DIY question usually isn't really "can my agent do this?" — it's "is the precomputed layer worth more than re-deriving it?" For one package, once: re-derive it. For everything your projects actually depend on, continuously: that's the product. The free tier covers one full project — MCP server and all three skills included — so you can make your agent answer this question for you.