The dependency verification feature of Gradle does something like that internally, when calling --write-verification-metadata.
Note, however, that as the documentation explains, it’s an approximation of what dependencies could be downloaded during a build. In particular, if a task uses what we call a “detached configuration” (a dynamic dependency graph at execution time), then those dependencies will not be downloaded, because they are opaque to Gradle.