#1
Scan the world (for secrets)
1.2K starsJun 12, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add betterleaks/betterleaksAlternatives
Packj alternatives for AI agents.
Compare similar skills by workflow fit, trust score, quality, GitHub adoption, maintenance, and install readiness.
Current skill
Packj
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
80
Quality
86
Trust
688
Stars
#2
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
21K starsMay 19, 2026 pushdevelopmentJavaScriptStatic Analysis
$ npx skills add MobSF/Mobile-Security-Framework-MobSF#3
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
8.9K starsJun 10, 2026 pushdevelopmentStatic AnalysisClaude Code
$ npx skills add We5ter/Scanners-Box#4
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
13K starsJun 18, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add OWASP/mastg#5
Tfsec is now part of Trivy
7.0K starsMar 25, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add aquasecurity/tfsec#6
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
8.8K starsJun 14, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add bridgecrewio/checkov#7
Protect against malicious open source packages 🤖
1.1K starsJun 11, 2026 pushdevelopmentGoStatic Analysis
$ npx skills add safedep/vet#8
All-in-One malware analysis tool.
2.0K starsMar 3, 2026 pushdevelopmentYARAStatic Analysis
$ npx skills add CYB3RMX/Qu1cksc0pe#9
A reactive Python kernel for Jupyter notebooks.
1.3K starsJun 14, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add ipyflow/ipyflow#10
ShellCheck, a static analysis tool for shell scripts
40K starsJun 11, 2026 pushdevelopmentHaskellStatic Analysis
$ npx skills add koalaman/shellcheck#11
An analysis tool for Python that blurs the line between testing and type systems.
1.3K starsJun 13, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add pschanely/CrossHair#12
DeepAudit:人人拥有的 AI 黑客战队,让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行,自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ,一键生成报告。支持中转站。让安全不再昂贵,让审计不再复杂。
6.4K starsApr 1, 2026 pushdevelopmentPythonCode Review
$ npx skills add lintsinghua/DeepAudit#13
Official ESLint plugin for Vue.js
4.6K starsJun 8, 2026 pushdevelopmentTypeScriptStatic Analysis
$ npx skills add vuejs/eslint-plugin-vue#14
Analyze ELF binaries like a boss 😼🕵️♂️
4.3K starsJun 14, 2026 pushdevelopmentRustStatic Analysis
$ npx skills add orhun/binsider#15
Codebase intelligence for TypeScript and JavaScript. Free static layer: unused code, duplication, circular deps, complexity hotspots, architecture boundaries. Optional paid runtime layer: hot-path review and cold-path deletion evidence from real production traffic. Rust-native, sub-second, zero-config framework support.
3.6K starsJun 14, 2026 pushdevelopmentRustStatic Analysis
$ npx skills add fallow-rs/fallow#16
Static Analyzer for Solidity and Vyper
6.3K starsJun 11, 2026 pushdevelopmentPythonStatic Analysis
$ npx skills add crytic/slitherHow to choose
When should you switch?
Use an alternative when it has a clearer install path, higher trust score, fresher maintenance, or better platform fit for your current agent stack. Keep Packj if it already passes your workflow test and repository review.
Next step
Compare top candidates side by side
Open the compare page, test the install commands in a sandbox, and check each repository before using a skill in production.