MSR 2025
Mon 28 - Tue 29 April 2025 Ottawa, Ontario, Canada
co-located with ICSE 2025

We present a cluster analysis of the Maven Central Repository’s dependency structure to identify and assess vulnerability risks using the Goblin framework. Through analysis of over 15 million artifacts using the Leiden community detection algorithm, we identified approximately 67 thousand distinct clusters with a high modularity score. Our risk assessment framework combines CVE metrics, freshness scores, and inter-cluster connectivity patterns to evaluate cluster risk levels and potential vulnerability propagation paths. The analysis reveals that while individual clusters typically show low to moderate risk scores, the repository’s highly connected structure creates critical paths for vulnerability propagation through hub clusters, some containing over 1.5 million nodes. We provide recommendations for dependency risk monitoring, including tracking of bridge nodes and prioritizing high-connectivity clusters. Our systematic approach provides a framework to identify systemic dependency risks across the repository through targeted inspections at critical points in the dependency network.
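The abstract describes three ingredients: a community partition of the dependency graph with a modularity score, bridge nodes that connect clusters, and a per-cluster risk score built from CVE metrics, freshness and inter-cluster connectivity. The following is an added, self-contained illustration of those pieces on a constructed toy graph; it is not code from the paper or from the Goblin framework. The Leiden step is replaced by a hand-labelled partition (an assumption standing in for Leiden output), the artifact names, CVSS values and staleness figures are invented, and the weighted risk formula in `cluster_risk` is an assumption rather than the authors' metric.

```python
"""Toy cluster-level dependency risk assessment (added illustration, not Goblin's code)."""
from collections import defaultdict, deque
from statistics import mean

# Constructed dependency graph: artifact -> set of artifacts it depends on.
# Names are placeholders, not real Maven coordinates.
DEPENDENCIES = {
    "app-a": {"lib-core", "lib-json"},
    "app-b": {"lib-core", "lib-http"},
    "lib-json": {"lib-core"},
    "lib-http": {"lib-core", "lib-tls"},
    "lib-tls": set(),
    "lib-core": set(),
    "tool-x": {"tool-util"},
    "tool-util": {"lib-tls"},
}

# Hand-labelled partition standing in for Leiden output (assumption).
CLUSTERS = {
    "app-a": 0, "app-b": 0, "lib-json": 0, "lib-http": 0, "lib-core": 0,
    "lib-tls": 1, "tool-x": 1, "tool-util": 1,
}

# Constructed metadata: highest CVSS base score among open CVEs (absent = 0),
# and staleness = years since the last release (higher = less fresh).
CVSS = {"lib-tls": 7.5, "lib-core": 5.3}
STALENESS = {"lib-tls": 0.9, "lib-core": 0.2, "tool-util": 1.5}


def undirected_edges(deps):
    """Collapse the directed dependency map into a set of undirected edges."""
    return {frozenset((src, dst)) for src, targets in deps.items() for dst in targets}


def modularity(edges, clusters):
    """Newman modularity Q of a partition:
    sum over clusters of (intra edges / m) - (cluster degree / 2m)^2."""
    m = len(edges)
    degree, intra = defaultdict(int), defaultdict(int)
    for e in edges:
        u, v = tuple(e)
        degree[u] += 1
        degree[v] += 1
        if clusters[u] == clusters[v]:
            intra[clusters[u]] += 1
    cluster_degree = defaultdict(int)
    for node, d in degree.items():
        cluster_degree[clusters[node]] += d
    return sum(intra[c] / m - (cluster_degree[c] / (2 * m)) ** 2 for c in cluster_degree)


def bridge_nodes(edges, clusters):
    """Artifacts with at least one edge into a different cluster."""
    bridges = set()
    for e in edges:
        u, v = tuple(e)
        if clusters[u] != clusters[v]:
            bridges.update((u, v))
    return bridges


def cluster_risk(edges, clusters, cvss, staleness, w=(0.5, 0.2, 0.3)):
    """Assumed risk formula: weighted sum of normalised max CVSS, mean staleness
    (capped at 1.0), and the share of a cluster's edges that cross its boundary."""
    members = defaultdict(list)
    for node, c in clusters.items():
        members[c].append(node)
    incident, crossing = defaultdict(int), defaultdict(int)
    for e in edges:
        u, v = tuple(e)
        for c in {clusters[u], clusters[v]}:
            incident[c] += 1
        if clusters[u] != clusters[v]:
            crossing[clusters[u]] += 1
            crossing[clusters[v]] += 1
    scores = {}
    for c, nodes in members.items():
        cve = max(cvss.get(n, 0.0) for n in nodes) / 10.0
        stale = mean(min(staleness.get(n, 0.0), 1.0) for n in nodes)
        conn = crossing[c] / incident[c] if incident[c] else 0.0
        scores[c] = w[0] * cve + w[1] * stale + w[2] * conn
    return scores


def dependents_of(deps, artifact):
    """Transitive reverse closure: every artifact that directly or indirectly
    depends on `artifact`, i.e. where a vulnerability in it can propagate."""
    reverse = defaultdict(set)
    for src, targets in deps.items():
        for dst in targets:
            reverse[dst].add(src)
    seen, queue = set(), deque([artifact])
    while queue:
        for dep in reverse[queue.popleft()]:
            if dep not in seen:
                seen.add(dep)
                queue.append(dep)
    return seen


if __name__ == "__main__":
    edges = undirected_edges(DEPENDENCIES)
    print("modularity Q =", round(modularity(edges, CLUSTERS), 3))
    print("bridge nodes:", sorted(bridge_nodes(edges, CLUSTERS)))
    for c, s in sorted(cluster_risk(edges, CLUSTERS, CVSS, STALENESS).items()):
        print(f"cluster {c}: risk {s:.3f}")
    print("reachable from a lib-tls CVE:", sorted(dependents_of(DEPENDENCIES, "lib-tls")))
```

On this toy graph the single cross-cluster edge (`lib-http` to `lib-tls`) makes both endpoints bridge nodes, the cluster holding the higher-severity CVE scores as riskier, and the reverse closure shows which artifacts in the other cluster a `lib-tls` vulnerability would reach. On a real repository the same three checks would be run over the Leiden partition, with a hub cluster's risk driven mostly by its connectivity term.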