sponsor-finder
Identifies sponsorable dependencies in GitHub projects using the deps.dev API, enhancing support for open source maintainers.
Install this skill
or
89/100
Security score
The sponsor-finder skill was audited on Feb 28, 2026 and we found 11 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
low line 46
External URL reference
SourceSKILL.md
| 46 | https://api.deps.dev/v3/systems/{ECOSYSTEM}/packages/{PACKAGE}/versions/{VERSION}:dependencies |
low line 51
External URL reference
SourceSKILL.md
| 51 | https://api.deps.dev/v3/systems/npm/packages/express/versions/5.2.1:dependencies |
low line 76
External URL reference
SourceSKILL.md
| 76 | https://api.deps.dev/v3/systems/{ECOSYSTEM}/packages/{NAME}/versions/{VERSION} |
low line 97
External URL reference
SourceSKILL.md
| 97 | https://api.deps.dev/v3/projects/github.com%2F{owner}%2F{repo} |
low line 123
External URL reference
SourceSKILL.md
| 123 | Use `web_fetch` on `https://registry.npmjs.org/{package-name}/latest` and check for a `funding` field: |
low line 125
External URL reference
SourceSKILL.md
| 125 | - **Object:** `{"type": "opencollective", "url": "https://opencollective.com/express"}` → use `url` |
low line 143
External URL reference
SourceSKILL.md
| 143 | - `open_collective: slug` → `https://opencollective.com/{slug}` |
low line 144
External URL reference
SourceSKILL.md
| 144 | - `ko_fi: username` → `https://ko-fi.com/{username}` |
low line 145
External URL reference
SourceSKILL.md
| 145 | - `patreon: username` → `https://patreon.com/{username}` |
low line 146
External URL reference
SourceSKILL.md
| 146 | - `tidelift: platform/package` → `https://tidelift.com/subscription/pkg/{platform-package}` |
low line 207
External URL reference
SourceSKILL.md
| 207 | https://opencollective.com/{name} |
Scanned on Feb 28, 2026
View Security DashboardInstall this skill with one command
/learn @github/sponsor-finder