#1
A vulnerability scanner for container images and filesystems
12K starsJun 9, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add anchore/grypeAlternatives
Tfsec alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Tfsec
Tfsec is now part of Trivy
100
Quality
100
Trust
7.0K
Stars
#2
Vulnerability Static Analysis for Containers
11K starsJun 4, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add quay/clair#3
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
9.1K starsJun 11, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add anchore/syft#4
Go security checker
8.9K starsJun 8, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add securego/gosec#5
Staticcheck - The advanced Go linter
6.8K starsJun 10, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add dominikh/go-tools#6
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
5.5K starsJun 11, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add mgechev/revive#7
Static analysis tool to detect potential nil panics in Go code
3.8K starsJun 12, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add uber-go/nilaway#8
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
3.5K starsJun 10, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add stackrox/kube-linter#9
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
21K starsMay 19, 2026 pushdevelopmentJavaScriptStatic Analysis
$ npx skills add MobSF/Mobile-Security-Framework-MobSF#10
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language
9.4K starsJun 12, 2026 pushdevelopmentGoCode Review
$ npx skills add reviewdog/reviewdog#11
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
8.9K starsJun 10, 2026 pushdevelopmentStatic AnalysisClaude Code
$ npx skills add We5ter/Scanners-Box#12
🦩 Tools for Go projects
4.5K starsJun 6, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add nikolaydubina/go-recipes#13
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
54K starsJun 12, 2026 pushdevelopmentC++Static Analysis
$ npx skills add WerWolv/ImHex#14
An extremely fast Python linter and code formatter, written in Rust.
48K starsJun 12, 2026 pushdevelopmentRustStatic Analysis
$ npx skills add astral-sh/ruff#15
ShellCheck, a static analysis tool for shell scripts
40K starsJun 11, 2026 pushdevelopmentHaskellStatic Analysis
$ npx skills add koalaman/shellcheck#16
A tool to enforce Swift style and conventions.
20K starsJun 9, 2026 pushdevelopmentSwiftStatic Analysis
$ npx skills add realm/SwiftLintHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Tfsec if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.