#1
Unified Policy as Code
7.8K starsJun 8, 2026 pushsecurityGoCompliance
$ npx skills add kyverno/kyvernoAlternatives
Cloud Custodian alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Cloud Custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
100
Quality
100
Trust
6.0K
Stars
#2
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
16K starsJun 12, 2026 pushsecurityC++Compliance
$ npx skills add wazuh/wazuh#3
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
16K starsMay 11, 2026 pushsecurityShellCompliance
$ npx skills add CISOfy/lynis#4
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
12K starsJun 12, 2026 pushsecurityGoCompliance
$ npx skills add open-policy-agent/opa#5
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
8.8K starsJun 11, 2026 pushdevopsPythonKubernetes
$ npx skills add bridgecrewio/checkov#6
🕵️♂️ Collect a dossier on a person by username from 3000+ sites
33K starsJun 11, 2026 pushsecurityPythonOSINT
$ npx skills add soxoj/maigret#7
Incredibly fast crawler designed for OSINT.
13K starsFeb 10, 2026 pushsecurityPythonOSINT
$ npx skills add s0md3v/Photon#8
Download pictures (or videos) along with their captions and other metadata from Instagram.
13K starsApr 15, 2026 pushsecurityPythonOSINT
$ npx skills add instaloader/instaloader#9
The recursive internet scanner for hackers. 🧡
9.9K starsJun 12, 2026 pushsecurityPythonOSINT
$ npx skills add blacklanternsecurity/bbot#10
OneForAll是一款功能强大的子域收集工具
9.8K starsMay 11, 2026 pushsecurityPythonOSINT
$ npx skills add shmilylty/OneForAll#11
Open-source intelligence for the global theater. Track everything from the corporate/private jets of the wealthy, and spy satellites, to seismic events in one unified interface. Hook an AI agent up to have it parse through data and find previously unseen correlations. The knowledge is available to all but rarely aggregated in the open, until now.
9.2K starsJun 12, 2026 pushsecurityPythonOSINT
$ npx skills add BigBodyCobain/Shadowbroker#12
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
2.7K starsJun 8, 2026 pushsecurityGoSAST
$ npx skills add Bearer/bearer#13
Bandit is a tool designed to find common security issues in Python code.
8.1K starsMay 25, 2026 pushsecurityPythonSecurity
$ npx skills add PyCQA/bandit#14
DeepAudit:人人拥有的 AI 黑客战队,让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行,自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ,一键生成报告。支持中转站。让安全不再昂贵,让审计不再复杂。
6.4K starsApr 1, 2026 pushsecurityPythonSAST
$ npx skills add lintsinghua/DeepAudit#15
IntelOwl: manage your Threat Intelligence at scale
4.6K starsJun 12, 2026 pushsecurityPythonOSINT
$ npx skills add intelowlproject/IntelOwl#16
Snoop — инструмент разведки на основе открытых данных (OSINT world)
3.9K starsJun 11, 2026 pushsecurityPythonOSINT
$ npx skills add snooppr/snoopHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Cloud Custodian if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.