#1
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
874 starsMar 28, 2025 pushsecurityGoSecurity
$ npx skills add Legit-Labs/legitifyAlternatives
Poutine alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Poutine
poutine, a supply chain vulnerability scanner for build pipelines
84
Quality
79
Trust
477
Stars
#2
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
12K starsJun 12, 2026 pushsecurityGoSecurity
$ npx skills add future-architect/vuls#3
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
3.1K starsMay 20, 2026 pushsecurityGoSecurity
$ npx skills add zegl/kube-score#4
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
16K starsMay 11, 2026 pushsecurityShellSecurity
$ npx skills add CISOfy/lynis#5
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
29K starsJun 13, 2026 pushsecurityGoSecurity
$ npx skills add projectdiscovery/nuclei#6
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
9.6K starsJun 12, 2026 pushsecurityRubySecurity
$ npx skills add wpscanteam/wpscan#7
Bandit is a tool designed to find common security issues in Python code.
8.1K starsMay 25, 2026 pushsecurityPythonSecurity
$ npx skills add PyCQA/bandit#8
Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision
682 starsJun 13, 2026 pushsecurityGoSecurity
$ npx skills add vigolium/vigolium#9
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
428 starsJun 8, 2026 pushsecurityGoSecurity
$ npx skills add hahwul/authz0#10
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
1.6K starsJun 16, 2024 pushsecurityGoSecurity
$ npx skills add Adminisme/ServerScan#11
Application Layer DoS attack simulator
1.6K starsJun 26, 2025 pushsecurityC++Security
$ npx skills add shekyan/slowhttptest#12
The ZAP by Checkmarx Core project
15K starsJun 11, 2026 pushsecurityJavaSecurity
$ npx skills add zaproxy/zaproxy#13
A default credential scanner.
1.5K starsJul 8, 2025 pushsecurityPythonSecurity
$ npx skills add ztgrace/changeme#14
A friendly car security exploration tool for the CAN bus
918 starsJun 12, 2026 pushsecurityPythonSecurity
$ npx skills add CaringCaribou/caringcaribou#15
Unified Policy as Code
7.8K starsJun 8, 2026 pushsecurityGoCompliance
$ npx skills add kyverno/kyverno#16
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
1.2K starsJan 21, 2026 pushsecurityGoSecurity
$ npx skills add Hackmanit/Web-Cache-Vulnerability-ScannerHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Poutine if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.