#1
Bandit is a tool designed to find common security issues in Python code.
8.1K starsMay 25, 2026 pushsecurityPythonSecurity
$ npx skills add PyCQA/banditAlternatives
Caringcaribou alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Caringcaribou
A friendly car security exploration tool for the CAN bus
87
Quality
86
Trust
918
Stars
#2
A default credential scanner.
1.5K starsJul 8, 2025 pushsecurityPythonSecurity
$ npx skills add ztgrace/changeme#3
OXO is a security scanning orchestrator for the modern age.
574 starsJun 12, 2026 pushsecurityPythonSecurity
$ npx skills add Ostorlab/oxo#4
A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
1.0K starsFeb 3, 2020 pushsecurityPythonSecurity
$ npx skills add WithSecureLabs/doublepulsar-detection-script#5
A modular vulnerability scanner with automatic report generation capabilities.
1.2K starsJun 13, 2026 pushsecurityPythonSecurity
$ npx skills add CERT-Polska/Artemis#6
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
9.6K starsJun 12, 2026 pushsecurityRubySecurity
$ npx skills add wpscanteam/wpscan#7
A high performance offensive security tool for reconnaissance and vulnerability scanning
3.6K starsApr 21, 2026 pushsecurityPythonSecurity
$ npx skills add evyatarmeged/Raccoon#8
Offensive vulnerability scanner for ethereum, and symbolic execution tool for the Ethereum Virtual Machine
343 starsJun 7, 2022 pushsecurityPythonSecurity
$ npx skills add palkeo/pakala#9
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
29K starsJun 13, 2026 pushsecurityGoSecurity
$ npx skills add projectdiscovery/nuclei#10
Application Layer DoS attack simulator
1.6K starsJun 26, 2025 pushsecurityC++Security
$ npx skills add shekyan/slowhttptest#11
The ZAP by Checkmarx Core project
15K starsJun 11, 2026 pushsecurityJavaSecurity
$ npx skills add zaproxy/zaproxy#12
Incredibly fast crawler designed for OSINT.
13K starsFeb 10, 2026 pushsecurityPythonOSINT
$ npx skills add s0md3v/Photon#13
ASH is an extensible, open source SAST, SCA, and IaC security scanner orchestration engine.
657 starsJun 12, 2026 pushsecurityPythonSAST
$ npx skills add awslabs/automated-security-helper#14
Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision
682 starsJun 13, 2026 pushsecurityGoSecurity
$ npx skills add vigolium/vigolium#15
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
535 starsAug 1, 2018 pushsecurityPythonSecurity
$ npx skills add 0x4D31/burpa#16
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
513 starsMay 19, 2026 pushsecurityPythonSecurity
$ npx skills add godaddy/tartufoHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Caringcaribou if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.