OpenAgentSkill Task

Task: Scan a project for security risks
Intent: Find risky dependencies, exposed secrets, unsafe patterns, and practical remediation steps.
Agent prompt: Find the best skill for scanning a code project for security risks and producing prioritized remediation steps.

Success criteria:
- Prioritizes findings
- Explains remediation
- Separates warnings from confirmed issues

Do not use when:
- The scan touches production secrets
- The result is used as a formal compliance audit
- Repository access is incomplete

Resolve API: https://www.openagentskill.com/api/agent/resolve?task=Find%20the%20best%20skill%20for%20scanning%20a%20code%20project%20for%20security%20risks%20and%20producing%20prioritized%20remediation%20steps.&agent=codex&max_risk=medium

Ranked skills:

1. Bandit (pycqa-bandit)
Match score: 579
Bandit is a tool designed to find common security issues in Python code.
Trust: 100/100 Production candidate
Audit: 97/100 Safe to try
Install: npx skills add PyCQA/bandit
Detail: https://www.openagentskill.com/skills/pycqa-bandit
Install API: https://www.openagentskill.com/api/skills/pycqa-bandit/install

---

2. Terraform Skill (antonbabenko-terraform-skill)
Match score: 560
Terraform & OpenTofu Skill for AI Agents - testing, modules, CI/CD, and production patterns
Trust: 100/100 Production candidate
Audit: 95/100 Safe to try
Install: npx skills add antonbabenko/terraform-skill
Detail: https://www.openagentskill.com/skills/antonbabenko-terraform-skill
Install API: https://www.openagentskill.com/api/skills/antonbabenko-terraform-skill/install

---

3. Lynis (cisofy-lynis)
Match score: 544
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Trust: 100/100 Production candidate
Audit: 95/100 Safe to try
Install: npx skills add CISOfy/lynis
Detail: https://www.openagentskill.com/skills/cisofy-lynis
Install API: https://www.openagentskill.com/api/skills/cisofy-lynis/install

---

4. Vuls (future-architect-vuls)
Match score: 543
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Trust: 100/100 Production candidate
Audit: 97/100 Safe to try
Install: npx skills add future-architect/vuls
Detail: https://www.openagentskill.com/skills/future-architect-vuls
Install API: https://www.openagentskill.com/api/skills/future-architect-vuls/install

---

5. Nuclei (projectdiscovery-nuclei)
Match score: 535
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Trust: 100/100 Production candidate
Audit: 97/100 Safe to try
Install: npx skills add projectdiscovery/nuclei
Detail: https://www.openagentskill.com/skills/projectdiscovery-nuclei
Install API: https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install