Validates that all project dependencies use licenses compatible with your policy.
License Compliance Checker maps every dependency in your project to its SPDX license identifier and validates the full tree against a policy you define. It catches copyleft licenses (GPL, AGPL) in proprietary projects, flags unknown or missing licenses, and identifies license conflicts between dependencies.
The skill reads your package manifest and resolves the full dependency tree, then fetches license data from the registry (npm, PyPI, crates.io) and falls back to parsing LICENSE files in node_modules or site-packages when registry data is incomplete.
Output is a compliance report grouped by license type, with a clear pass/fail status per dependency. The skill can also generate an SBOM (Software Bill of Materials) in SPDX or CycloneDX format for compliance documentation. Requires `curl` on PATH.
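The policy check described above (map each dependency's license string to an SPDX expression, then decide pass, fail or review against an allow/deny policy, with dual-licensed `OR` expressions and nested `AND` terms handled rather than string-matched) can be shown on an already-resolved tree. The block below is an added illustration, not the skill's own code: the `POLICY` sets, the `ALIASES` table, the `acme-*` package names and the `SAMPLE_TREE` are assumptions constructed for the example, and fetching registry metadata or walking node_modules is left out so it runs offline.

```python
"""Added example, not the skill's own code: parse each dependency's SPDX license expression
and check it against an allow/deny policy. Policy, alias table and sample tree are assumed."""
import re

# Assumed policy for a proprietary codebase; anything neither allowed nor denied is reviewed.
POLICY = {
    "allow": {"MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "ISC", "0BSD"},
    "deny": {"GPL-2.0-only", "GPL-2.0-or-later", "GPL-3.0-only", "GPL-3.0-or-later",
             "AGPL-3.0-only", "AGPL-3.0-or-later"},
}
# Registry license fields are free text; map common spellings, but leave ambiguous ones like "BSD" for review.
ALIASES = {"apache 2.0": "Apache-2.0", "mit license": "MIT", "gplv3": "GPL-3.0-only",
           "gpl-2.0+": "GPL-2.0-or-later"}
_TOKEN = re.compile(r"\(|\)|[A-Za-z0-9.+\-]+")

def parse_spdx(expr):
    """Recursive-descent parse into ('ID', name) or ('AND'|'OR', [children]). Raises
    ValueError on anything else, so "WITH" exceptions and junk go to review, never pass."""
    toks, pos = _TOKEN.findall(expr), 0
    def peek():
        return toks[pos].upper() if pos < len(toks) else None
    def take():
        nonlocal pos
        pos += 1
        return toks[pos - 1]
    def chain(op, sub):  # sub (op sub)*; AND binds tighter than OR, as in SPDX
        items = [sub()]
        while peek() == op:
            take()
            items.append(sub())
        return items[0] if len(items) == 1 else (op, items)
    def expression():
        return chain("OR", lambda: chain("AND", factor))
    def factor():  # '(' expression ')' | license id
        if peek() in (None, "AND", "OR", ")"):
            raise ValueError("malformed SPDX expression: %r" % expr)
        tok = take()
        if tok != "(":
            return ("ID", tok)
        node = expression()
        if peek() != ")":
            raise ValueError("unbalanced parentheses: %r" % expr)
        take()
        return node
    node = expression()
    if pos != len(toks):
        raise ValueError("trailing tokens in SPDX expression: %r" % expr)
    return node

def evaluate(node, policy=POLICY):
    """'pass'/'fail'/'review'. OR: one passing branch suffices (consumer picks); AND: one denied branch fails all."""
    kind, payload = node
    if kind == "ID":
        if payload in policy["allow"]:
            return "pass"
        return "fail" if payload in policy["deny"] else "review"
    results = [evaluate(child, policy) for child in payload]
    decisive, fallback = ("pass", "fail") if kind == "OR" else ("fail", "pass")
    return decisive if decisive in results else "review" if "review" in results else fallback

def check_license(raw, policy=POLICY):
    """Return (status, normalized license). Missing or unparsable data is never a pass."""
    lic = (raw or "").strip()
    lic = ALIASES.get(lic.lower(), lic)
    if not lic:
        return "review", "missing"
    try:
        return evaluate(parse_spdx(lic), policy), lic
    except ValueError:
        return "review", lic

def report(tree, policy=POLICY):
    """Group (name@version, status) by license; return the overall verdict with the groups."""
    grouped = {}
    for name, version, raw in tree:
        status, lic = check_license(raw, policy)
        grouped.setdefault(lic, []).append((f"{name}@{version}", status))
    seen = {status for entries in grouped.values() for _, status in entries}
    return ("fail" if "fail" in seen else "review" if "review" in seen else "pass"), grouped

# Constructed sample tree: lodash, serde and left-pad carry their real licenses; the acme-*
# entries are invented to exercise the deny, nesting, alias and missing-metadata paths.
SAMPLE_TREE = [
    ("lodash", "4.17.21", "MIT"),
    ("serde", "1.0.197", "MIT OR Apache-2.0"),
    ("left-pad", "1.3.0", "WTFPL"),
    ("acme-gpl-lib", "3.1.0", "GPL-3.0-only"),
    ("acme-mixed", "0.2.0", "(MIT AND GPL-2.0-only)"),
    ("acme-legacy", "2.0.0", "Apache 2.0"),
    ("acme-plus", "1.0.0", "GPL-2.0+"),
    ("acme-nometa", "0.0.1", ""),
]

if __name__ == "__main__":
    verdict, grouped = report(SAMPLE_TREE)
    for lic, entries in sorted(grouped.items()):
        print(lic, *(f"\n  {status:6} {name}" for name, status in entries))
    print("overall:", verdict)
```

Two design points matter in practice. First, anything the parser cannot turn into a clean SPDX expression (a `WITH` exception, "see LICENSE file", an empty field) is routed to review rather than silently passing, so incomplete registry metadata can only ever make the report stricter. Second, `OR` is read as "the consumer may choose a branch" and `AND` as "every branch binds", so a dual-licensed `MIT OR Apache-2.0` crate passes while a mixed `(MIT AND GPL-2.0-only)` package fails even though MIT itself is allowed; a checker that only grepped for "GPL" would get the first case wrong whenever the GPL option appeared on the `OR` side.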