diff --git a/scripts/haskell-transitive-dependency-import-audit.sh b/scripts/haskell-transitive-dependency-import-audit.sh
new file mode 100755
index 00000000000..24089719367
--- /dev/null
+++ b/scripts/haskell-transitive-dependency-import-audit.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+set -euo pipefail
+shopt -s globstar
+
+## This tries to audit our transitive dependencies for occurrences of
+## problematic imports or function names. very basic for now, can be
+## extended. For now depends on ripgrep.
+if [ -z "$1" ]; then
+ echo "pass search string as first argument"
+ exit 1
+fi
+
+REPO_TOPLEVEL=$(git rev-parse --show-toplevel)
+FREEZE_FILE="$REPO_TOPLEVEL/cabal.project.freeze"
+
+if [ ! -f "$FREEZE_FILE" ]; then
+ echo "Freeze file not found"
+ exit 1
+fi
+
+# Temp dir in RAM so we don't thrash SSD
+TEMP_DIR=$(mktemp -d /dev/shm/hasura_dep_audit.XXXXXX)
+function cleanup {
+ rmdir "$TEMP_DIR" || echo "$TEMP_DIR was not empty and could not be removed so it probably contains matching libraries you'll want to check out by hand"
+}
+trap cleanup EXIT
+
+# Read the freeze file and extract package names and versions
+rg '^.* any\.([^ ]*) ==([^,]*),?' -r '$1-$2' "$FREEZE_FILE" | while read -r pkg_identifier; do
+ # Download the package
+ cabal get -d "$TEMP_DIR" "$pkg_identifier" >/dev/null || echo " continuing anyway..."
+
+ if rg -q "$1" -ths "${TEMP_DIR:?}/$pkg_identifier"; then
+ echo
+ echo "Occurrence in $pkg_identifier"
+ else
+ echo -n .
+ # Clean up if nothing to see
+ rm -rf "${TEMP_DIR:?}/$pkg_identifier"
+ fi
+done
+
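Review bot: With `set -u` in force, the guard `if [ -z "$1" ]; then` aborts with bash's "unbound variable" error when the script is run with no arguments, so the usage message that follows it is never printed; the check should read `if [ -z "${1:-}" ]; then`, and the message belongs on stderr (`echo "pass search string as first argument" >&2`). The search string is also passed to ripgrep as a bare positional, so a pattern starting with `-` would be parsed as an option; `rg -q -e "$1" -ths "${TEMP_DIR:?}/$pkg_identifier"` pins it as the pattern. The `mktemp -d /dev/shm/...` call presumably only works on Linux; on a host without `/dev/shm` the script exits under `set -e` with only mktemp's own error, so a comment noting the Linux-only assumption next to the "Temp dir in RAM" line would save the next reader a puzzled minute.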