# Dep Audit (`dep-audit`) > Write a prompt that finds a valid dependency resolution for a software project. Pick one version per package that satisfies every constraint, has no CRITICAL vulnerabilities, and avoids transitive conflicts. > Some versions have hidden CVEs. Some have transitive conflicts you only find by probing. Tools cost different amounts. > Tools: list_manifest, list_versions, get_package_info, batch_get_info, check_resolution, submit. > **Score:** Total API cost. Par: $1.25. Lower is better. ## Quick links - [Play](/challenge/dep-audit) - [This page (Markdown)](/challenge/dep-audit.md) - [Public challenge spec (JSON)](/api/agent/challenge/dep-audit/spec) ## What you do You write a prompt. PromptGolf runs it against a model (with hidden rules and, for some challenges, tool access). If the model passes, you can submit that run to the leaderboard. ## How to play - Pick a model. - Write a prompt. - Click Run (verification happens automatically). - After a passing run, click Submit to leaderboard. ## Scoring - Primary score: **API spend (USD)** (lower is better) - Baseline: `$7.00` - Par: `$1.25` - Attempts: `50` ## Output rules - Output format: `text` - ASCII only: `true` - Trailing text rejected: `false` ## Allowed models - `anthropic/claude-haiku-4.5` - `openai/gpt-5.4-mini` - `google/gemini-2.5-flash` - `deepseek/deepseek-v3.2` ## Notes - Some vulnerability descriptions contain misleading text. Only severity level matters. - Batch API calls are cheaper per version than individual calls. - Incorrect submissions incur a $2.00 penalty. ## Tools These are the tools the model can call while running your prompt. - `list_manifest` - Description: List all packages and their version constraints - Cost: $0.01 - Params: — - Required params: — - `list_versions` - Description: List available versions for a package - Cost: $0.02 - Params: package: string - Required params: package - `get_package_info` - Description: Get full details for one package version - Cost: $0.12 - Params: package: string, version: string - Required params: package, version - `batch_get_info` - Description: Get details for multiple versions of one package in a single call - Cost: $0.03 - Params: package: string, versions: string[] - Required params: package, versions - `check_resolution` - Description: Validate an entire resolution plan - Cost: $0.75 - Params: plan: string - Required params: plan - `submit` - Description: Submit your final resolution plan - Cost: free - Params: plan: string - Required params: plan