{"eval":{"version":"openagentskill-skill-eval-v1","slug":"anouarbensaad-vulnx","name":"Vulnx","generated_at":"2026-07-03T23:43:05.200Z","task_input":"Evaluate Vulnx before installing it in an AI agent workflow","status":"review","score":70,"risk_level":"medium","decision":{"recommendation":"manual_review","reason":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_allowed":false,"policy":"review","human_review_required":true},"task_fit":{"score":84,"suited_tasks":["Web scraping workflows","Claude Code teams","teams that value GitHub adoption signals","Crawl target URLs","Extract tables and metadata","Normalize messy page content","Navigate pages","Click and type safely"],"suited_agents":["Python","Crawler","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"]},"install":{"command":"npx skills add anouarbensaad/vulnx","ready":true,"policy":"review","safety_label":"Avoid automatic install","targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add anouarbensaad/vulnx"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vulnx\" agent skill from https://github.com/anouarbensaad/vulnx. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vulnx\" as a Claude Code skill from https://github.com/anouarbensaad/vulnx. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vulnx\" from https://github.com/anouarbensaad/vulnx into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."}]},"trust":{"score":79,"label":"Strong shortlist","version":"trust-score-v4","evidence":{"stars":"2.1K GitHub stars","repoActivity":"2.1K stars, 364 forks","lastPushed":"3y since push","license":"GPL-3.0","repository":"https://github.com/anouarbensaad/vulnx","install":"npx skills add anouarbensaad/vulnx","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"}},"audit":{"score":72,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 3y since push"]},"safety_gate":{"score":48,"tier":"experimental","label":"Experimental","auto_install_policy":"review","blocked":false,"permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution","Repository appears stale"]},"checks":[{"id":"task_fit","label":"Task fit","status":"pass","score":84,"required_for_auto_install":true,"detail":"Task wording matches this skill metadata.","evidence":["Evaluate Vulnx before installing it in an AI agent workflow","web-automation","Web scraping workflows; Claude Code teams; teams that value GitHub adoption signals"]},{"id":"install_path","label":"Install path","status":"pass","score":92,"required_for_auto_install":true,"detail":"Install handoff is available.","evidence":["npx skills add anouarbensaad/vulnx"]},{"id":"install_safety","label":"Install command safety","status":"pass","score":92,"required_for_auto_install":true,"detail":"standard package or runtime install path","evidence":["npx skills add anouarbensaad/vulnx"]},{"id":"trust_score","label":"Trust score","status":"warn","score":79,"required_for_auto_install":true,"detail":"Good trust signals with a few areas worth checking before rollout.","evidence":["Strong shortlist","2.1K GitHub stars","GPL-3.0"]},{"id":"audit_score","label":"Audit score","status":"warn","score":72,"required_for_auto_install":true,"detail":"Needs review","evidence":["Repository appears stale"]},{"id":"agent_safety_gate","label":"Agent safety gate","status":"warn","score":48,"required_for_auto_install":true,"detail":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","evidence":["Test manually in an isolated workspace and compare against safer alternatives.","High-risk permission hints: Shell or command execution"]},{"id":"readme_skillmd_completeness","label":"README/SKILL.md completeness","status":"pass","score":90,"required_for_auto_install":false,"detail":"Metadata includes enough usage and workflow context","evidence":["Strong README/SKILL.md context"]},{"id":"license_clarity","label":"License clarity","status":"pass","score":86,"required_for_auto_install":true,"detail":"GPL-3.0","evidence":["GPL-3.0"]},{"id":"recent_maintenance","label":"Recent maintenance","status":"fail","score":22,"required_for_auto_install":false,"detail":"3y since push","evidence":["3y since push"]},{"id":"permission_surface","label":"Permission surface","status":"warn","score":76,"required_for_auto_install":true,"detail":"shell or command execution","evidence":["Shell or command execution: high","Network access: medium"]},{"id":"alternatives","label":"Alternatives available","status":"pass","score":82,"required_for_auto_install":false,"detail":"Alternative skills are available for comparison.","evidence":["crawl4ai","d4vinci-scrapling","scrapy-scrapy","naibowang-easyspider"]}],"blockers":[],"warnings":["Trust score: Good trust signals with a few areas worth checking before rollout.","Audit score: Needs review","Agent safety gate: Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","Permission surface: shell or command execution","High-risk permission hints: Shell or command execution","Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 3y since push"],"validation_plan":["Inspect repository, README/SKILL.md, license, and recent commits before production use.","Install in an isolated workspace or sandbox with no production secrets available.","Run the smallest representative task and record files touched, commands run, network access, and outputs.","Compare the selected skill against at least one alternative when the eval status is review or failed.","Promote only after the agent reports a successful verification result and unresolved warnings are accepted."],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Recent maintenance: 3y since push","Production credentials, payments, or irreversible account changes without explicit human review"],"alternatives":[{"slug":"crawl4ai","name":"Crawl4AI","url":"https://www.openagentskill.com/skills/crawl4ai","stars":70774,"install_command":"npx skills add unclecode/crawl4ai","trust_score":93,"audit_score":95},{"slug":"d4vinci-scrapling","name":"Scrapling","url":"https://www.openagentskill.com/skills/d4vinci-scrapling","stars":67816,"install_command":"npx skills add D4Vinci/Scrapling","trust_score":85,"audit_score":90},{"slug":"scrapy-scrapy","name":"Scrapy","url":"https://www.openagentskill.com/skills/scrapy-scrapy","stars":62532,"install_command":"npx skills add scrapy/scrapy","trust_score":92,"audit_score":95},{"slug":"naibowang-easyspider","name":"EasySpider","url":"https://www.openagentskill.com/skills/naibowang-easyspider","stars":44121,"install_command":"npx skills add NaiboWang/EasySpider","trust_score":93,"audit_score":94}],"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"anouarbensaad-vulnx","name":"Vulnx","description":"vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.","category":"web-automation","url":"https://www.openagentskill.com/skills/anouarbensaad-vulnx","repository":"https://github.com/anouarbensaad/vulnx","github_repo":"anouarbensaad/vulnx"},"suited_tasks":["Web scraping workflows","Claude Code teams","teams that value GitHub adoption signals","Crawl target URLs","Extract tables and metadata","Normalize messy page content","Navigate pages","Click and type safely"],"suited_agents":["Python","Crawler","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add anouarbensaad/vulnx","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add anouarbensaad/vulnx"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vulnx\" agent skill from https://github.com/anouarbensaad/vulnx. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vulnx\" as a Claude Code skill from https://github.com/anouarbensaad/vulnx. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vulnx\" from https://github.com/anouarbensaad/vulnx into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning."}],"handoff_url":"https://www.openagentskill.com/api/skills/anouarbensaad-vulnx/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/anouarbensaad-vulnx"},"trust":{"score":79,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"2.1K GitHub stars","repoActivity":"2.1K stars, 364 forks","lastPushed":"3y since push","license":"GPL-3.0","repository":"https://github.com/anouarbensaad/vulnx","install":"npx skills add anouarbensaad/vulnx","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["web-automation","crawler","data-extraction","auto-exploiter","bot","cloudflare-detection"],"known_risks":["Repository looks stale","Quality score needs review","Recent maintenance: 3y since push"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":72,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Recent maintenance: 3y since push"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":74,"label":"Strong"},"supply":{"track":"Research and knowledge work","scenario":"RAG and knowledge","maintenance":"3y since push","risk":"Needs review"},"alternative_skills":[{"slug":"crawl4ai","name":"Crawl4AI","url":"https://www.openagentskill.com/skills/crawl4ai","stars":70774,"install_command":"npx skills add unclecode/crawl4ai","trust_score":93,"audit_score":95},{"slug":"d4vinci-scrapling","name":"Scrapling","url":"https://www.openagentskill.com/skills/d4vinci-scrapling","stars":67816,"install_command":"npx skills add D4Vinci/Scrapling","trust_score":85,"audit_score":90},{"slug":"scrapy-scrapy","name":"Scrapy","url":"https://www.openagentskill.com/skills/scrapy-scrapy","stars":62532,"install_command":"npx skills add scrapy/scrapy","trust_score":92,"audit_score":95},{"slug":"naibowang-easyspider","name":"EasySpider","url":"https://www.openagentskill.com/skills/naibowang-easyspider","stars":44121,"install_command":"npx skills add NaiboWang/EasySpider","trust_score":93,"audit_score":94}],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Recent maintenance: 3y since push","Production credentials, payments, or irreversible account changes without explicit human review"],"agent_contract":{"task_input":"Evaluate Vulnx before installing it in an AI agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 79/100 Strong shortlist","Audit: 72/100 Needs review","Safety: 48/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"anouarbensaad-vulnx (Vulnx)","install_command":"npx skills add anouarbensaad/vulnx","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"anouarbensaad-vulnx","task":"Evaluate Vulnx before installing it in an AI agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/anouarbensaad-vulnx","api":"https://www.openagentskill.com/api/agent/skills/anouarbensaad-vulnx","audit":"https://www.openagentskill.com/skills/anouarbensaad-vulnx/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=anouarbensaad-vulnx&task=Evaluate%20Vulnx%20before%20installing%20it%20in%20an%20AI%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Evaluate%20Vulnx%20before%20installing%20it%20in%20an%20AI%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Evaluate%20Vulnx%20before%20installing%20it%20in%20an%20AI%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/anouarbensaad-vulnx/install","manifest":"https://www.openagentskill.com/api/registry/manifest/anouarbensaad-vulnx"}},"endpoints":{"web":"https://www.openagentskill.com/skills/anouarbensaad-vulnx","api":"https://www.openagentskill.com/api/agent/skills/anouarbensaad-vulnx","eval":"https://www.openagentskill.com/api/agent/evals?slug=anouarbensaad-vulnx","audit":"https://www.openagentskill.com/skills/anouarbensaad-vulnx/audit","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Evaluate%20Vulnx%20before%20installing%20it%20in%20an%20AI%20agent%20workflow&agent=codex&max_risk=medium"}},"meta":{"endpoint":"/api/agent/evals","mode":"skill_eval","purpose":"Pre-install eval contract for a single skill. Agents should read this before installing a reusable skill.","generated_at":"2026-07-03T23:43:05.200Z"}}