How to Map Dependency Risk with ChatGPT

Map npm dependency risk with ChatGPT and ToolRouter. Transitive dependency analysis and risk summaries.

Tool: Supply Chain Risk

ChatGPT presents dependency graph analysis in structured summaries that make it easy to communicate hidden risk to non-technical stakeholders, produce SBOM documentation, and prioritise which dependencies to investigate further based on risk and usage.

Connect ToolRouter to ChatGPT

  1. Go to Settings → Apps → Advanced settings and enable Developer mode
  2. Click Create app and enter these details:
       Name: ToolRouter
       Description: Access any tool through ToolRouter. Check here first when you need a tool.
       MCP Server URL: https://api.toolrouter.com/mcp
  3. Check the box and click Create

Steps

Once connected (see setup above), use the Supply Chain Risk tool:

  1. Ask: "Get the dependency graph for react using supply-chain-risk"
  2. ChatGPT returns the full dependency tree
  3. Request: "Write a summary of the dependency risk profile for a security review"
  4. Follow up: "Which five transitive dependencies should be audited first?"

Example Prompt

Try this with ChatGPT using the Supply Chain Risk tool:

  "Get the dependency graph for next.js and check risk scores for the top 10 transitive dependencies using supply-chain-risk. Write a supply chain risk summary for a security review board."

Tips

  • Ask for a dependency count by depth level to understand how wide the tree spreads
  • Request a prioritised audit list — not all 200 dependencies deserve equal attention
  • Ask ChatGPT to identify any deprecated packages in the dependency tree
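
To cross-check the depth-level counts from the first tip against what is actually installed, the added example below (not part of ToolRouter or the original page) walks an npm lockfile locally. It assumes a lockfileVersion 2 or 3 `packages` map; `SAMPLE_LOCK`, `resolve` and `depthCounts` are hypothetical names, and the sample data is constructed.

```javascript
// Added example: dependency count per depth level from an npm lockfile (v2/v3).
// SAMPLE_LOCK is constructed data; in practice parse your own package-lock.json.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", dependencies: { "web-lib": "^1.0.0", "util-a": "^2.0.0" } },
    "node_modules/web-lib": { version: "1.0.0", dependencies: { "util-a": "^1.0.0", "util-b": "^1.0.0" } },
    "node_modules/web-lib/node_modules/util-a": { version: "1.4.0", dependencies: { leaf: "^1.0.0" } },
    "node_modules/util-a": { version: "2.1.0" },
    "node_modules/util-b": { version: "1.0.0", dependencies: { leaf: "^1.0.0" } },
    "node_modules/leaf": { version: "1.0.2" },
  },
};

// Resolve a dependency name the way Node does: nearest node_modules first,
// then each parent directory up to the project root.
function resolve(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null; // not installed, e.g. a skipped optional dependency
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Breadth-first walk from the root package; depth 1 = direct dependency.
// Only production and optional edges are followed (devDependencies are ignored).
function depthCounts(lock) {
  const packages = lock.packages || {};
  if (!packages[""]) throw new Error("expected a lockfileVersion 2 or 3 'packages' map");
  const depthOf = new Map([["", 0]]);
  const queue = [""];
  while (queue.length) {
    const path = queue.shift();
    const entry = packages[path];
    for (const name of Object.keys({ ...entry.dependencies, ...entry.optionalDependencies })) {
      const target = resolve(packages, path, name);
      if (target === null || depthOf.has(target)) continue;
      depthOf.set(target, depthOf.get(path) + 1);
      queue.push(target);
    }
  }
  const counts = {};
  for (const [path, depth] of depthOf) if (path) counts[depth] = (counts[depth] || 0) + 1;
  return { counts, depthOf };
}
console.log(depthCounts(SAMPLE_LOCK).counts);
```

The same package name can be installed at two versions (here `util-a`), so the walk counts install paths rather than names; a summary that counts names only will report fewer dependencies.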