Scans project dependencies for known security advisories, outdated versions, and license risks. Reports a prioritized fix list. Use periodically (weekly/monthly) and before any production release.