Core insight: adding external dependencies is the fastest route to hidden operational, legal, and security debt. The Dependency Gatekeeper reduces that risk to a one‑line habit you can enforce in minutes: require a Dependency Gate token (Name|Source|License|Owner|MaintenanceRisk|RollbackPlan) on every new external inclusion. In ten minutes I walk you through a minimal scoring rubric, three low‑friction enforcement moves (a CI preflight block, an ephemeral sandbox shadow, and a short staged SLA for data/services), and two constrained AI patterns that auto‑surface transitive packages, licensing red flags, and recent vulnerability signals. You’ll get three paste‑ready Gate examples (open‑source lib, third‑party API, purchased dataset) and a 7‑day pilot script: pick recent unresolved additions, attach Gate tokens, run an automated transitive scan, and enforce one rollback or isolation where risk is highest. Fast action: put a Dependency Gate on the next external import and subscribe. Stay agentic.
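One way the CI preflight block could check Gate tokens, as an added example that is not code from the original page. It assumes tokens are kept one per line, that CI supplies the list of newly added dependency names, and that MaintenanceRisk is one of low/medium/high; the function names and sample packages are constructed.

```python
"""CI preflight sketch: block a change when a new dependency has no valid Gate token."""
import sys

FIELDS = ("Name", "Source", "License", "Owner", "MaintenanceRisk", "RollbackPlan")
# Assumption: the page does not define the risk scale; low/medium/high is a placeholder.
RISK_LEVELS = {"low", "medium", "high"}


def parse_gate(line):
    """Parse one 'Name|Source|License|Owner|MaintenanceRisk|RollbackPlan' token."""
    parts = [p.strip() for p in line.split("|")]
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    gate = dict(zip(FIELDS, parts))
    empty = [f for f in FIELDS if not gate[f]]
    if empty:
        raise ValueError("empty field(s): " + ", ".join(empty))
    if gate["MaintenanceRisk"].lower() not in RISK_LEVELS:
        raise ValueError(f"unknown MaintenanceRisk {gate['MaintenanceRisk']!r}")
    return gate


def preflight(new_deps, gate_lines):
    """Return a list of failure messages; an empty list means the gate passes."""
    failures, gated = [], set()
    for n, line in enumerate(gate_lines, 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # skip blank lines and comments in the token file
        try:
            gated.add(parse_gate(line)["Name"].lower())
        except ValueError as exc:
            failures.append(f"gate line {n}: {exc}")
    for dep in new_deps:
        if dep.lower() not in gated:
            failures.append(f"{dep}: no valid Dependency Gate token")
    return failures


# Constructed sample input: three new inclusions, one complete token, one missing RollbackPlan.
SAMPLE_NEW_DEPS = ["fastjsonx", "geo-api", "leftpadder"]
SAMPLE_GATES = [
    "fastjsonx|pypi.example/fastjsonx|MIT|platform-team|low|pin previous version and revert lockfile",
    "geo-api|https://api.example.com/geo|Commercial ToS|maps-team|medium|",
]

if __name__ == "__main__":
    problems = preflight(SAMPLE_NEW_DEPS, SAMPLE_GATES)
    print("\n".join(problems) or "all new dependencies are gated")
    sys.exit(1 if problems else 0)
```

A token with an empty RollbackPlan is rejected as a whole, so the dependency it names is reported as ungated rather than passing on a partial record.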