The Dependency Manager Tool
List installed packages, find what’s outdated, view the dependency tree, check for vulnerabilities, and install or remove packages across Python and Node projects — operated by an agent on infrastructure you control.
Dependencies rot the moment you stop watching them
Packages go stale, vulnerabilities get disclosed, and transitive trees grow tangled. Keeping a project’s dependencies current and safe is constant, tedious work that slips between releases.
Silent staleness
Outdated packages accumulate until an upgrade becomes a migration.
Unseen vulnerabilities
A disclosed CVE in a transitive dependency goes unnoticed for months.
Tangled trees
Nobody can see the full dependency tree to reason about conflicts.
Manual, per-ecosystem toil
Each project type has its own commands and quirks.
One interface across ecosystems
Visibility
List, outdated, and tree
See the whole picture.
A single tool lists installed packages, flags what’s outdated, and renders the full dependency tree across both Python and Node — so an agent can reason about a project’s real state.
- List installed packages
- Detect outdated versions
- Full dependency tree
- Python and Node
One interface
Safety
Vulnerability checks and updates
Find it, then fix it.
The check action surfaces known vulnerabilities, and install/uninstall let an agent remediate — keeping a project current and safe as part of a maintenance workflow.
Find and remediate
Governance
On-premise operations
Your environment, your control.
Operations run in your project directory inside your perimeter with audit logging and a bounded timeout, so dependency management stays governed and reproducible.
Bounded, logged
Parameters
The dependency tool accepts these inputs when an agent calls it. Required inputs are flagged.
default: false Optional Treat as a dev dependency (for install).
default: 120 Optional Operation timeout in seconds (10–600).
Where dependency management pays back
Upgrade sweeps
Find every outdated package and plan the bumps.
Vulnerability response
Check for known CVEs and remediate quickly.
Conflict debugging
View the tree to untangle version conflicts.
Environment setup
Install the packages a project needs in one step.
Health reporting
Report dependency freshness across projects.
Agent maintenance
Let a maintenance agent keep dependencies current.
Assigned to agents, orchestrated as networks
On VDF AI, an industry’s use cases map to agents, and you assign tools like this one to those agents. Compose multiple agents into a governed, on-premise network.
What changes after you assign it
Questions about the Dependency Manager tool
What does the dependency manager tool do?
It manages project dependencies for Python and Node: list installed packages, check what’s outdated, view the dependency tree, check for vulnerabilities, and install or uninstall packages — all through one interface an agent can drive.
Which ecosystems does it support?
Python and Node, selected via the project_type parameter, with the same set of actions across both.
Can it actually change my project?
Yes — install and uninstall modify the project in the working directory you specify. Read actions like list, outdated, tree, and check are non-mutating.
Is it safe to run?
Operations run on-premise in your project directory with audit logging and a bounded timeout you control, keeping them governed and reproducible.
How does it pair with other tools?
It complements the dependency analyzer, which maps manifests and imports — this tool operates on the live project to keep it current.
Tools that work well alongside this one
Where this tool delivers value
Keep every project’s dependencies current
See the dependency manager let an agent audit and update packages — on infrastructure you control.