{"query":"Security Scripts","filters":{"category":null,"platform":null,"track":null,"safety":null,"include_blocked":false,"min_stars":0},"total":10,"skills":[{"rank":1,"match_score":99,"raw_match_score":825.2,"slug":"petermosmans-security-scripts","name":"Security Scripts","description":"A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","tagline":"A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","category":"security","tags":["security","scanner","nikto","nmap","python","security-scanner","security-tools","ssl","testssl","shell"],"author":{"name":"PeterMosmans","verified":false,"url":"https://github.com/PeterMosmans"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"PeterMosmans/security-scripts","creatorName":"PeterMosmans","creatorUrl":"https://github.com/PeterMosmans","sourceUrl":"https://github.com/PeterMosmans/security-scripts","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/petermosmans-security-scripts#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":282,"forks":77,"downloads":0,"rating":0,"review_count":0,"quality_score":47.86},"quality":{"score":76,"tier":"strong","label":"Strong","summary":"Solid option that is likely worth shortlisting for production workflows.","signals":[{"label":"GitHub stars","value":"282","tone":"neutral"},{"label":"Freshness","value":"2mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":77,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":62,"weight":0.13,"status":"info","detail":"282 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":62,"weight":0.08,"status":"info","detail":"282 stars, 77 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"2mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"command execution surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add PeterMosmans/security-scripts"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/PeterMosmans/security-scripts"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"282 GitHub stars"},{"status":"info","label":"Stars/forks activity","detail":"282 stars, 77 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"2mo since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface"},{"status":"pass","label":"Install availability","detail":"npx skills add PeterMosmans/security-scripts"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/PeterMosmans/security-scripts"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Install command has no obvious high-risk pattern"],"warnings":["Quality score needs review"],"evidence":{"stars":"282 GitHub stars","repoActivity":"282 stars, 77 forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/PeterMosmans/security-scripts","install":"npx skills add PeterMosmans/security-scripts","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add PeterMosmans/security-scripts","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","2mo since push"]},"agentCompatibility":["Shell","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Quality score needs review"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["security","scanner","nikto","nmap","python","security-scanner"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"knownRisks":["Quality score needs review"]},"safety":{"score":53,"level":"avoid_auto_install","label":"Avoid automatic install","safety_tier":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","summary":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","53/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution","Quality score needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","reasons":["High-risk permission hints: Shell or command execution","53/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"browser-automation","title":"Browser automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Shell"],"install":{"ready":true,"command":"npx skills add PeterMosmans/security-scripts","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":282,"starsLabel":"282","forks":77,"license":"GPL-3.0","qualityScore":76,"trustScore":77,"auditScore":81},"maintenance":{"status":"active","label":"2mo since push","daysSincePush":49,"lastPushedAt":"2026-05-15T02:54:53+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["Quality score needs review","Needs review"]},"coverageTags":["Coding","Coding agents","security","scanner","nikto","nmap","python","security-scanner"]},"audit":{"audit_score":81,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Quality score needs review"]},"decision":{"readiness_score":75,"readiness_label":"Strong shortlist","headline":"Companion skill for Coding agents","role":"Companion skill","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"petermosmans-security-scripts","name":"Security Scripts","description":"A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","category":"security","url":"https://www.openagentskill.com/skills/petermosmans-security-scripts","repository":"https://github.com/PeterMosmans/security-scripts","github_repo":"PeterMosmans/security-scripts"},"suited_tasks":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Shell","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add PeterMosmans/security-scripts","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add PeterMosmans/security-scripts"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Security Scripts\" agent skill from https://github.com/PeterMosmans/security-scripts. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Security Scripts\" as a Claude Code skill from https://github.com/PeterMosmans/security-scripts. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Security Scripts\" from https://github.com/PeterMosmans/security-scripts into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"}],"handoff_url":"https://www.openagentskill.com/api/skills/petermosmans-security-scripts/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/petermosmans-security-scripts"},"trust":{"score":77,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"282 GitHub stars","repoActivity":"282 stars, 77 forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/PeterMosmans/security-scripts","install":"npx skills add PeterMosmans/security-scripts","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","scanner","nikto","nmap","python","security-scanner"],"known_risks":["Quality score needs review"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":81,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Quality score needs review"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":76,"label":"Strong"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"2mo since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Security Scripts in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 77/100 Strong shortlist","Audit: 81/100 Needs review","Safety: 53/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"petermosmans-security-scripts (Security Scripts)","install_command":"npx skills add PeterMosmans/security-scripts","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"petermosmans-security-scripts","task":"Use Security Scripts in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/petermosmans-security-scripts","api":"https://www.openagentskill.com/api/agent/skills/petermosmans-security-scripts","audit":"https://www.openagentskill.com/skills/petermosmans-security-scripts/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=petermosmans-security-scripts&task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/petermosmans-security-scripts/install","manifest":"https://www.openagentskill.com/api/registry/manifest/petermosmans-security-scripts"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"petermosmans-security-scripts","name":"Security Scripts","description":"A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","category":"security","url":"https://www.openagentskill.com/skills/petermosmans-security-scripts","repository":"https://github.com/PeterMosmans/security-scripts","github_repo":"PeterMosmans/security-scripts"},"suited_tasks":["Coding agents workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Shell","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add PeterMosmans/security-scripts","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add PeterMosmans/security-scripts"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Security Scripts\" agent skill from https://github.com/PeterMosmans/security-scripts. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Security Scripts\" as a Claude Code skill from https://github.com/PeterMosmans/security-scripts. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Security Scripts\" from https://github.com/PeterMosmans/security-scripts into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)"}],"handoff_url":"https://www.openagentskill.com/api/skills/petermosmans-security-scripts/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/petermosmans-security-scripts"},"trust":{"score":77,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"282 GitHub stars","repoActivity":"282 stars, 77 forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/PeterMosmans/security-scripts","install":"npx skills add PeterMosmans/security-scripts","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","scanner","nikto","nmap","python","security-scanner"],"known_risks":["Quality score needs review"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":81,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Quality score needs review"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":76,"label":"Strong"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"2mo since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Quality score needs review","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Security Scripts in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 77/100 Strong shortlist","Audit: 81/100 Needs review","Safety: 53/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"petermosmans-security-scripts (Security Scripts)","install_command":"npx skills add PeterMosmans/security-scripts","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"petermosmans-security-scripts","task":"Use Security Scripts in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/petermosmans-security-scripts","api":"https://www.openagentskill.com/api/agent/skills/petermosmans-security-scripts","audit":"https://www.openagentskill.com/skills/petermosmans-security-scripts/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=petermosmans-security-scripts&task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Security%20Scripts%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/petermosmans-security-scripts/install","manifest":"https://www.openagentskill.com/api/registry/manifest/petermosmans-security-scripts"}},"platforms":["Shell","Security","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add PeterMosmans/security-scripts","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add PeterMosmans/security-scripts","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Security Scripts\" agent skill from https://github.com/PeterMosmans/security-scripts. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Security Scripts\" as a Claude Code skill from https://github.com/PeterMosmans/security-scripts. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Security Scripts\" from https://github.com/PeterMosmans/security-scripts into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/PeterMosmans/security-scripts","github_repo":"PeterMosmans/security-scripts","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-21T06:42:49.016414+00:00","canonical_key":"petermosmans/security-scripts","recommendation_reasons":["Matches task terms: security, scripts","Install handoff is available","Repository freshness signal is available","Registry match score 99"],"urls":{"web":"https://www.openagentskill.com/skills/petermosmans-security-scripts","api":"https://www.openagentskill.com/api/agent/skills/petermosmans-security-scripts","install_api":"https://www.openagentskill.com/api/skills/petermosmans-security-scripts/install","audit":"https://www.openagentskill.com/skills/petermosmans-security-scripts/audit","repository":"https://github.com/PeterMosmans/security-scripts"}},{"rank":2,"match_score":21,"raw_match_score":179,"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","tagline":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","tags":["static-analysis","code-quality","android-security","api-testing","apk","cwe","devsecops","dynamic-analysis","ios-security","malware-analysis"],"author":{"name":"MobSF","verified":true,"url":"https://github.com/MobSF"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"MobSF/Mobile-Security-Framework-MobSF","creatorName":"MobSF","creatorUrl":"https://github.com/MobSF","sourceUrl":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":21211,"forks":3697,"downloads":0,"rating":0,"review_count":0,"quality_score":73.49},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"21K","tone":"positive"},{"label":"Freshness","value":"1mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":90,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"21K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"21K stars, 3.7K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"1mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":82,"weight":0.12,"status":"pass","detail":"network or browser surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":72,"weight":0.07,"status":"info","detail":"filesystem or document access, network or browser access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"21K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"21K stars, 3.7K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"1mo since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"network or browser surface"},{"status":"pass","label":"Install availability","detail":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"filesystem or document access, network or browser access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","1mo since push"]},"agentCompatibility":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","android-security","api-testing","apk"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":84,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","84/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","84/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"browser-automation","title":"Browser automation"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","JavaScript"],"install":{"ready":true,"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":21211,"starsLabel":"21K","forks":3697,"license":"GPL-3.0","qualityScore":100,"trustScore":90,"auditScore":92},"maintenance":{"status":"active","label":"1mo since push","daysSincePush":44,"lastPushedAt":"2026-05-19T21:45:53+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","android-security","api-testing","apk"]},"audit":{"audit_score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","url":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Navigate pages","Click and type safely"],"suited_agents":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."}],"handoff_url":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","android-security","api-testing","apk"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Mobile Security Framework MobSF in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 92/100 Safe to try","Safety: 84/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mobsf-mobile-security-framework-mobsf (Mobile Security Framework MobSF)","install_command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mobsf-mobile-security-framework-mobsf","task":"Use Mobile Security Framework MobSF in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mobsf-mobile-security-framework-mobsf&task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","url":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Navigate pages","Click and type safely"],"suited_agents":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."}],"handoff_url":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"1mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","android-security","api-testing","apk"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"1mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Mobile Security Framework MobSF in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 92/100 Safe to try","Safety: 84/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mobsf-mobile-security-framework-mobsf (Mobile Security Framework MobSF)","install_command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mobsf-mobile-security-framework-mobsf","task":"Use Mobile Security Framework MobSF in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mobsf-mobile-security-framework-mobsf&task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"}},"platforms":["JavaScript","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-14T11:01:15.92607+00:00","canonical_key":"mobsf/mobile-security-framework-mobsf","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 21,211 stars","Quality score 73/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","install_api":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"}},{"rank":3,"match_score":19,"raw_match_score":159.6,"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","tagline":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","tags":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest","nuclei-engine","security-scanner","subdomain-takeover","vulnerability-assessment"],"author":{"name":"projectdiscovery","verified":true,"url":"https://github.com/projectdiscovery"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"projectdiscovery/nuclei","creatorName":"projectdiscovery","creatorUrl":"https://github.com/projectdiscovery","sourceUrl":"https://github.com/projectdiscovery/nuclei","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/projectdiscovery-nuclei#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":29159,"forks":3484,"downloads":0,"rating":0,"review_count":0,"quality_score":74.45},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"29K","tone":"positive"},{"label":"Freshness","value":"20d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":93,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"29K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"29K stars, 3.5K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"20d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add projectdiscovery/nuclei"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/projectdiscovery/nuclei"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"29K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"29K stars, 3.5K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"20d since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add projectdiscovery/nuclei"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/projectdiscovery/nuclei"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add projectdiscovery/nuclei","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","20d since push"]},"agentCompatibility":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add projectdiscovery/nuclei","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":29159,"starsLabel":"29K","forks":3484,"license":"MIT","qualityScore":100,"trustScore":93,"auditScore":95},"maintenance":{"status":"fresh","label":"20d since push","daysSincePush":20,"lastPushedAt":"2026-06-13T15:43:40+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Security and compliance","role":"Primary pick","primary_fit":"Security and compliance","best_for":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Security and compliance task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","url":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add projectdiscovery/nuclei","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."}],"handoff_url":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"20d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Nuclei in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"projectdiscovery-nuclei (Nuclei)","install_command":"npx skills add projectdiscovery/nuclei","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"projectdiscovery-nuclei","task":"Use Nuclei in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=projectdiscovery-nuclei&task=Use%20Nuclei%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","url":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add projectdiscovery/nuclei","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."}],"handoff_url":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"20d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Nuclei in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"projectdiscovery-nuclei (Nuclei)","install_command":"npx skills add projectdiscovery/nuclei","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"projectdiscovery-nuclei","task":"Use Nuclei in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=projectdiscovery-nuclei&task=Use%20Nuclei%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"}},"platforms":["Go","Security","Claude Code"],"use_cases":[{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"}],"install":"npx skills add projectdiscovery/nuclei","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei","version":"1.0.0","license":"MIT","updated_at":"2026-06-14T11:01:35.485615+00:00","canonical_key":"projectdiscovery/nuclei","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 29,159 stars","Quality score 74/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","install_api":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","repository":"https://github.com/projectdiscovery/nuclei"}},{"rank":4,"match_score":19,"raw_match_score":159.6,"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","tagline":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","tags":["security","secret-scanning","acme","certificate-management","cli","environment-variables","go","golang","node-js","open-source"],"author":{"name":"Infisical","verified":true,"url":"https://github.com/Infisical"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"Infisical/infisical","creatorName":"Infisical","creatorUrl":"https://github.com/Infisical","sourceUrl":"https://github.com/Infisical/infisical","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/infisical-infisical#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":27445,"forks":1999,"downloads":0,"rating":0,"review_count":0,"quality_score":74.27},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"27K","tone":"positive"},{"label":"Freshness","value":"13d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":83,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"27K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"27K stars, 2.0K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"13d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":54,"weight":0.12,"status":"warn","detail":"command execution surface, credential or environment access"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add Infisical/infisical"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":36,"weight":0.07,"status":"fail","detail":"secrets or environment access, shell or command execution"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/Infisical/infisical"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"27K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"27K stars, 2.0K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"13d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"warn","label":"Dependency/runtime risk","detail":"command execution surface, credential or environment access"},{"status":"pass","label":"Install availability","detail":"npx skills add Infisical/infisical"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"fail","label":"Permission surface","detail":"secrets or environment access, shell or command execution"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/Infisical/infisical"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"],"evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add Infisical/infisical","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","No Agent Proven outcome evidence yet","13d since push"]},"agentCompatibility":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety":{"score":49,"level":"avoid_auto_install","label":"Avoid automatic install","safety_tier":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","summary":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_policy":"review","reasons":["Metadata combines secrets access with shell or command execution","High-risk permission hints: Shell or command execution, Secrets or environment access","49/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"},{"id":"secrets","label":"Secrets or environment access","reason":"Skill metadata references credentials, tokens, environment variables, or secret-bearing workflows.","severity":"high"}],"policy_warnings":["High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","reasons":["Metadata combines secrets access with shell or command execution","High-risk permission hints: Shell or command execution, Secrets or environment access","49/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"browser-automation","title":"Browser automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","TypeScript"],"install":{"ready":true,"command":"npx skills add Infisical/infisical","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":27445,"starsLabel":"27K","forks":1999,"license":"Unknown","qualityScore":100,"trustScore":83,"auditScore":89},"maintenance":{"status":"fresh","label":"13d since push","daysSincePush":13,"lastPushedAt":"2026-06-20T04:54:50+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","security","secret-scanning","acme","certificate-management","cli","environment-variables"]},"audit":{"audit_score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","url":"https://www.openagentskill.com/skills/infisical-infisical","repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add Infisical/infisical","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add Infisical/infisical"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."}],"handoff_url":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"},"trust":{"score":83,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"known_risks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"13d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution"],"agent_contract":{"task_input":"Use Infisical in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 83/100 Strong shortlist","Audit: 89/100 Needs review","Safety: 49/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"infisical-infisical (Infisical)","install_command":"npx skills add Infisical/infisical","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"infisical-infisical","task":"Use Infisical in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=infisical-infisical&task=Use%20Infisical%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","url":"https://www.openagentskill.com/skills/infisical-infisical","repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add Infisical/infisical","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add Infisical/infisical"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."}],"handoff_url":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"},"trust":{"score":83,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"known_risks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"13d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution"],"agent_contract":{"task_input":"Use Infisical in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 83/100 Strong shortlist","Audit: 89/100 Needs review","Safety: 49/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"infisical-infisical (Infisical)","install_command":"npx skills add Infisical/infisical","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"infisical-infisical","task":"Use Infisical in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=infisical-infisical&task=Use%20Infisical%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"}},"platforms":["TypeScript","Security","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add Infisical/infisical","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add Infisical/infisical","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical","version":"1.0.0","license":"Unknown","updated_at":"2026-06-21T01:41:03.396501+00:00","canonical_key":"infisical/infisical","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 27,445 stars","Quality score 74/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","install_api":"https://www.openagentskill.com/api/skills/infisical-infisical/install","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","repository":"https://github.com/Infisical/infisical"}},{"rank":5,"match_score":19,"raw_match_score":158,"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","tagline":"The ZAP by Checkmarx Core project","category":"security","tags":["security","scanner","appsec","dast","hacktoberfest","opensource","security-scanner","zap","zap-development","zaproxy"],"author":{"name":"zaproxy","verified":true,"url":"https://github.com/zaproxy"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"zaproxy/zaproxy","creatorName":"zaproxy","creatorUrl":"https://github.com/zaproxy","sourceUrl":"https://github.com/zaproxy/zaproxy","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/zaproxy-zaproxy#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":15281,"forks":2570,"downloads":0,"rating":0,"review_count":0,"quality_score":72.49},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"15K","tone":"positive"},{"label":"Freshness","value":"22d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Apache-2.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"15K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"15K stars, 2.6K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"22d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"Apache-2.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add zaproxy/zaproxy"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/zaproxy/zaproxy"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"15K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"15K stars, 2.6K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"22d since push"},{"status":"pass","label":"License clarity","detail":"Apache-2.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add zaproxy/zaproxy"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/zaproxy/zaproxy"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add zaproxy/zaproxy","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","22d since push"]},"agentCompatibility":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","appsec","dast","hacktoberfest","opensource"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"workflow-automation","title":"Workflow automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add zaproxy/zaproxy","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":15281,"starsLabel":"15K","forks":2570,"license":"Apache-2.0","qualityScore":100,"trustScore":92,"auditScore":95},"maintenance":{"status":"fresh","label":"22d since push","daysSincePush":22,"lastPushedAt":"2026-06-11T09:00:42+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","appsec","dast","hacktoberfest","opensource"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","category":"security","url":"https://www.openagentskill.com/skills/zaproxy-zaproxy","repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add zaproxy/zaproxy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add zaproxy/zaproxy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project"}],"handoff_url":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","appsec","dast","hacktoberfest","opensource"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Zaproxy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"zaproxy-zaproxy (Zaproxy)","install_command":"npx skills add zaproxy/zaproxy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"zaproxy-zaproxy","task":"Use Zaproxy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=zaproxy-zaproxy&task=Use%20Zaproxy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","category":"security","url":"https://www.openagentskill.com/skills/zaproxy-zaproxy","repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add zaproxy/zaproxy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add zaproxy/zaproxy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project"}],"handoff_url":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","appsec","dast","hacktoberfest","opensource"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Zaproxy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"zaproxy-zaproxy (Zaproxy)","install_command":"npx skills add zaproxy/zaproxy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"zaproxy-zaproxy","task":"Use Zaproxy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=zaproxy-zaproxy&task=Use%20Zaproxy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"}},"platforms":["Java","Security","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"}],"install":"npx skills add zaproxy/zaproxy","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add zaproxy/zaproxy","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy","version":"1.0.0","license":"Apache-2.0","updated_at":"2026-06-14T11:01:35.534416+00:00","canonical_key":"zaproxy/zaproxy","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 15,281 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","install_api":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","repository":"https://github.com/zaproxy/zaproxy"}},{"rank":6,"match_score":19,"raw_match_score":157.4,"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","tagline":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","tags":["security","scanner","administrator","cybersecurity","freebsd","go","golang","linux","security-audit","security-automation"],"author":{"name":"future-architect","verified":true,"url":"https://github.com/future-architect"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"future-architect/vuls","creatorName":"future-architect","creatorUrl":"https://github.com/future-architect","sourceUrl":"https://github.com/future-architect/vuls","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/future-architect-vuls#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":12181,"forks":1235,"downloads":0,"rating":0,"review_count":0,"quality_score":71.8},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"12K","tone":"positive"},{"label":"Freshness","value":"21d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"12K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"12K stars, 1.2K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"21d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":80,"weight":0.12,"status":"info","detail":"external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add future-architect/vuls"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":72,"weight":0.07,"status":"info","detail":"filesystem or document access, network or browser access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/future-architect/vuls"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"12K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"12K stars, 1.2K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"21d since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add future-architect/vuls"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"filesystem or document access, network or browser access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/future-architect/vuls"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add future-architect/vuls","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","21d since push"]},"agentCompatibility":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","administrator","cybersecurity","freebsd","go"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":86,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add future-architect/vuls","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":12181,"starsLabel":"12K","forks":1235,"license":"GPL-3.0","qualityScore":100,"trustScore":92,"auditScore":94},"maintenance":{"status":"fresh","label":"21d since push","daysSincePush":21,"lastPushedAt":"2026-06-12T04:28:13+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","administrator","cybersecurity","freebsd","go"]},"audit":{"audit_score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Security and compliance","role":"Primary pick","primary_fit":"Security and compliance","best_for":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Security and compliance task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","url":"https://www.openagentskill.com/skills/future-architect-vuls","repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add future-architect/vuls","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add future-architect/vuls"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"}],"handoff_url":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","administrator","cybersecurity","freebsd","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Vuls in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"future-architect-vuls (Vuls)","install_command":"npx skills add future-architect/vuls","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"future-architect-vuls","task":"Use Vuls in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=future-architect-vuls&task=Use%20Vuls%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","url":"https://www.openagentskill.com/skills/future-architect-vuls","repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add future-architect/vuls","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add future-architect/vuls"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"}],"handoff_url":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","administrator","cybersecurity","freebsd","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Vuls in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"future-architect-vuls (Vuls)","install_command":"npx skills add future-architect/vuls","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"future-architect-vuls","task":"Use Vuls in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=future-architect-vuls&task=Use%20Vuls%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"}},"platforms":["Go","Security","Claude Code"],"use_cases":[{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add future-architect/vuls","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add future-architect/vuls","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-14T11:01:35.56216+00:00","canonical_key":"future-architect/vuls","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 12,181 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","install_api":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","repository":"https://github.com/future-architect/vuls"}},{"rank":7,"match_score":17,"raw_match_score":139.7,"slug":"soxoj-maigret","name":"Maigret","description":"🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","tagline":"🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","category":"security","tags":["osint","research","security","cli","cybersecurity","identification","information-gathering","infosec","investigation","open-source"],"author":{"name":"soxoj","verified":true,"url":"https://github.com/soxoj"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"soxoj/maigret","creatorName":"soxoj","creatorUrl":"https://github.com/soxoj","sourceUrl":"https://github.com/soxoj/maigret","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/soxoj-maigret#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":32920,"forks":2414,"downloads":0,"rating":0,"review_count":0,"quality_score":74.82},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"33K","tone":"positive"},{"label":"Freshness","value":"22d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"33K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"33K stars, 2.4K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"22d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"command execution surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add soxoj/maigret"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/soxoj/maigret"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"33K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"33K stars, 2.4K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"22d since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface"},{"status":"pass","label":"Install availability","detail":"npx skills add soxoj/maigret"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/soxoj/maigret"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"33K GitHub stars","repoActivity":"33K stars, 2.4K forks","lastPushed":"22d since push","license":"MIT","repository":"https://github.com/soxoj/maigret","install":"npx skills add soxoj/maigret","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add soxoj/maigret","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","22d since push"]},"agentCompatibility":["Python","OSINT","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","osint","research","cli","cybersecurity","identification"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":64,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","64/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["High-risk permission hints: Shell or command execution","64/100 agent safety score"]},"supply_profile":{"track":{"slug":"research","label":"Research and knowledge work","shortLabel":"Research","description":"Deep research, source comparison, literature review, RAG, knowledge search, and reports."},"scenario":{"label":"RAG and knowledge","description":"I need my agent to build a RAG workflow over documents and retrieve reliable context.","useCases":[{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"research-agents","title":"Research agents"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Python"],"install":{"ready":true,"command":"npx skills add soxoj/maigret","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":32920,"starsLabel":"33K","forks":2414,"license":"MIT","qualityScore":100,"trustScore":88,"auditScore":92},"maintenance":{"status":"fresh","label":"22d since push","daysSincePush":22,"lastPushedAt":"2026-06-11T12:48:21+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Research","RAG and knowledge","security","osint","cli","cybersecurity","identification","information-gathering"]},"audit":{"audit_score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for RAG and knowledge","role":"Primary pick","primary_fit":"RAG and knowledge","best_for":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one RAG and knowledge task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"soxoj-maigret","name":"Maigret","description":"🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","category":"security","url":"https://www.openagentskill.com/skills/soxoj-maigret","repository":"https://github.com/soxoj/maigret","github_repo":"soxoj/maigret"},"suited_tasks":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals","Chunk documents","Create embeddings","Retrieve and cite relevant passages","Search sources","Extract claims"],"suited_agents":["Python","OSINT","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add soxoj/maigret","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add soxoj/maigret"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Maigret\" agent skill from https://github.com/soxoj/maigret. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Maigret\" as a Claude Code skill from https://github.com/soxoj/maigret. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Maigret\" from https://github.com/soxoj/maigret into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"}],"handoff_url":"https://www.openagentskill.com/api/skills/soxoj-maigret/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/soxoj-maigret"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"33K GitHub stars","repoActivity":"33K stars, 2.4K forks","lastPushed":"22d since push","license":"MIT","repository":"https://github.com/soxoj/maigret","install":"npx skills add soxoj/maigret","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","osint","research","cli","cybersecurity","identification"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Research and knowledge work","scenario":"RAG and knowledge","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Maigret in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 92/100 Safe to try","Safety: 64/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"soxoj-maigret (Maigret)","install_command":"npx skills add soxoj/maigret","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"soxoj-maigret","task":"Use Maigret in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/soxoj-maigret","api":"https://www.openagentskill.com/api/agent/skills/soxoj-maigret","audit":"https://www.openagentskill.com/skills/soxoj-maigret/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=soxoj-maigret&task=Use%20Maigret%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Maigret%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Maigret%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/soxoj-maigret/install","manifest":"https://www.openagentskill.com/api/registry/manifest/soxoj-maigret"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"soxoj-maigret","name":"Maigret","description":"🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","category":"security","url":"https://www.openagentskill.com/skills/soxoj-maigret","repository":"https://github.com/soxoj/maigret","github_repo":"soxoj/maigret"},"suited_tasks":["RAG and knowledge workflows","Claude Code teams","teams that value GitHub adoption signals","Chunk documents","Create embeddings","Retrieve and cite relevant passages","Search sources","Extract claims"],"suited_agents":["Python","OSINT","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add soxoj/maigret","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add soxoj/maigret"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Maigret\" agent skill from https://github.com/soxoj/maigret. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Maigret\" as a Claude Code skill from https://github.com/soxoj/maigret. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Maigret\" from https://github.com/soxoj/maigret into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites"}],"handoff_url":"https://www.openagentskill.com/api/skills/soxoj-maigret/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/soxoj-maigret"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"33K GitHub stars","repoActivity":"33K stars, 2.4K forks","lastPushed":"22d since push","license":"MIT","repository":"https://github.com/soxoj/maigret","install":"npx skills add soxoj/maigret","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","osint","research","cli","cybersecurity","identification"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Research and knowledge work","scenario":"RAG and knowledge","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Maigret in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 92/100 Safe to try","Safety: 64/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"soxoj-maigret (Maigret)","install_command":"npx skills add soxoj/maigret","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"soxoj-maigret","task":"Use Maigret in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/soxoj-maigret","api":"https://www.openagentskill.com/api/agent/skills/soxoj-maigret","audit":"https://www.openagentskill.com/skills/soxoj-maigret/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=soxoj-maigret&task=Use%20Maigret%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Maigret%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Maigret%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/soxoj-maigret/install","manifest":"https://www.openagentskill.com/api/registry/manifest/soxoj-maigret"}},"platforms":["Python","OSINT","Claude Code"],"use_cases":[{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"research-agents","title":"Research agents","url":"https://www.openagentskill.com/use-cases/research-agents"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"}],"install":"npx skills add soxoj/maigret","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add soxoj/maigret","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Maigret\" agent skill from https://github.com/soxoj/maigret. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Maigret\" as a Claude Code skill from https://github.com/soxoj/maigret. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Maigret\" from https://github.com/soxoj/maigret into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: 🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/soxoj/maigret","github_repo":"soxoj/maigret","version":"1.0.0","license":"MIT","updated_at":"2026-06-12T14:00:33.246676+00:00","canonical_key":"soxoj/maigret","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 32,920 stars","Quality score 75/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/soxoj-maigret","api":"https://www.openagentskill.com/api/agent/skills/soxoj-maigret","install_api":"https://www.openagentskill.com/api/skills/soxoj-maigret/install","audit":"https://www.openagentskill.com/skills/soxoj-maigret/audit","repository":"https://github.com/soxoj/maigret"}},{"rank":8,"match_score":17,"raw_match_score":138.2,"slug":"wazuh-wazuh","name":"Wazuh","description":"Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","tagline":"Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","category":"security","tags":["compliance","security","cloud-security","configuration-assessement","container-security","cybersecurity","file-integrity-monitoring","incident-response","infosec","log-analysis"],"author":{"name":"wazuh","verified":true,"url":"https://github.com/wazuh"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"wazuh/wazuh","creatorName":"wazuh","creatorUrl":"https://github.com/wazuh","sourceUrl":"https://github.com/wazuh/wazuh","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/wazuh-wazuh#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":15852,"forks":2342,"downloads":0,"rating":0,"review_count":0,"quality_score":72.6},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"16K","tone":"positive"},{"label":"Freshness","value":"21d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":89,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"16K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"16K stars, 2.3K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"21d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":80,"weight":0.12,"status":"info","detail":"external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add wazuh/wazuh"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/wazuh/wazuh"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"16K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"16K stars, 2.3K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"21d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add wazuh/wazuh"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/wazuh/wazuh"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","License clarity: Unknown"],"evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 2.3K forks","lastPushed":"21d since push","license":"Unknown","repository":"https://github.com/wazuh/wazuh","install":"npx skills add wazuh/wazuh","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add wazuh/wazuh","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","No Agent Proven outcome evidence yet","21d since push"]},"agentCompatibility":["C++","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","License clarity: Unknown"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["security","compliance","cloud-security","configuration-assessement","container-security","cybersecurity"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","License clarity: Unknown"]},"safety":{"score":76,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","76/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","76/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"GitHub automation","description":"I need my agent to triage GitHub issues, review pull requests, and summarize repository changes.","useCases":[{"slug":"workflow-automation","title":"Workflow automation"},{"slug":"github-automation","title":"GitHub automation"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","C++"],"install":{"ready":true,"command":"npx skills add wazuh/wazuh","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":15852,"starsLabel":"16K","forks":2342,"license":"Unknown","qualityScore":100,"trustScore":89,"auditScore":92},"maintenance":{"status":"fresh","label":"21d since push","daysSincePush":21,"lastPushedAt":"2026-06-12T13:45:51+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["License is unclear","License clarity: Unknown"]},"coverageTags":["Coding","GitHub automation","security","compliance","cloud-security","configuration-assessement","container-security","cybersecurity"]},"audit":{"audit_score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Workflow automation","role":"Primary pick","primary_fit":"Workflow automation","best_for":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Workflow automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"wazuh-wazuh","name":"Wazuh","description":"Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","category":"security","url":"https://www.openagentskill.com/skills/wazuh-wazuh","repository":"https://github.com/wazuh/wazuh","github_repo":"wazuh/wazuh"},"suited_tasks":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals","Move data between tools","Transform files","Trigger repeatable actions","Inspect repository metadata","Compare code changes"],"suited_agents":["C++","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add wazuh/wazuh","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add wazuh/wazuh"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Wazuh\" agent skill from https://github.com/wazuh/wazuh. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Wazuh\" as a Claude Code skill from https://github.com/wazuh/wazuh. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Wazuh\" from https://github.com/wazuh/wazuh into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."}],"handoff_url":"https://www.openagentskill.com/api/skills/wazuh-wazuh/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/wazuh-wazuh"},"trust":{"score":89,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 2.3K forks","lastPushed":"21d since push","license":"Unknown","repository":"https://github.com/wazuh/wazuh","install":"npx skills add wazuh/wazuh","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","compliance","cloud-security","configuration-assessement","container-security","cybersecurity"],"known_risks":["License is unclear","License clarity: Unknown"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Wazuh in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 89/100 Production candidate","Audit: 92/100 Safe to try","Safety: 76/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"wazuh-wazuh (Wazuh)","install_command":"npx skills add wazuh/wazuh","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"wazuh-wazuh","task":"Use Wazuh in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/wazuh-wazuh","api":"https://www.openagentskill.com/api/agent/skills/wazuh-wazuh","audit":"https://www.openagentskill.com/skills/wazuh-wazuh/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=wazuh-wazuh&task=Use%20Wazuh%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Wazuh%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Wazuh%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/wazuh-wazuh/install","manifest":"https://www.openagentskill.com/api/registry/manifest/wazuh-wazuh"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"wazuh-wazuh","name":"Wazuh","description":"Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","category":"security","url":"https://www.openagentskill.com/skills/wazuh-wazuh","repository":"https://github.com/wazuh/wazuh","github_repo":"wazuh/wazuh"},"suited_tasks":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals","Move data between tools","Transform files","Trigger repeatable actions","Inspect repository metadata","Compare code changes"],"suited_agents":["C++","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add wazuh/wazuh","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add wazuh/wazuh"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Wazuh\" agent skill from https://github.com/wazuh/wazuh. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Wazuh\" as a Claude Code skill from https://github.com/wazuh/wazuh. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Wazuh\" from https://github.com/wazuh/wazuh into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads."}],"handoff_url":"https://www.openagentskill.com/api/skills/wazuh-wazuh/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/wazuh-wazuh"},"trust":{"score":89,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 2.3K forks","lastPushed":"21d since push","license":"Unknown","repository":"https://github.com/wazuh/wazuh","install":"npx skills add wazuh/wazuh","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","compliance","cloud-security","configuration-assessement","container-security","cybersecurity"],"known_risks":["License is unclear","License clarity: Unknown"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Wazuh in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 89/100 Production candidate","Audit: 92/100 Safe to try","Safety: 76/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"wazuh-wazuh (Wazuh)","install_command":"npx skills add wazuh/wazuh","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"wazuh-wazuh","task":"Use Wazuh in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/wazuh-wazuh","api":"https://www.openagentskill.com/api/agent/skills/wazuh-wazuh","audit":"https://www.openagentskill.com/skills/wazuh-wazuh/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=wazuh-wazuh&task=Use%20Wazuh%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Wazuh%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Wazuh%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/wazuh-wazuh/install","manifest":"https://www.openagentskill.com/api/registry/manifest/wazuh-wazuh"}},"platforms":["C++","Compliance","Claude Code"],"use_cases":[{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"install":"npx skills add wazuh/wazuh","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add wazuh/wazuh","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Wazuh\" agent skill from https://github.com/wazuh/wazuh. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Wazuh\" as a Claude Code skill from https://github.com/wazuh/wazuh. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Wazuh\" from https://github.com/wazuh/wazuh into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/wazuh/wazuh","github_repo":"wazuh/wazuh","version":"1.0.0","license":"Unknown","updated_at":"2026-06-12T14:00:37.61788+00:00","canonical_key":"wazuh/wazuh","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 15,852 stars","Quality score 73/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/wazuh-wazuh","api":"https://www.openagentskill.com/api/agent/skills/wazuh-wazuh","install_api":"https://www.openagentskill.com/api/skills/wazuh-wazuh/install","audit":"https://www.openagentskill.com/skills/wazuh-wazuh/audit","repository":"https://github.com/wazuh/wazuh"}},{"rank":9,"match_score":16,"raw_match_score":137.3,"slug":"open-policy-agent-opa","name":"Opa","description":"Open Policy Agent (OPA) is an open source, general-purpose policy engine.","tagline":"Open Policy Agent (OPA) is an open source, general-purpose policy engine.","category":"security","tags":["compliance","security","authorization","cloud-native","declarative","json","opa","open-policy-agent","policy","go"],"author":{"name":"open-policy-agent","verified":true,"url":"https://github.com/open-policy-agent"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"open-policy-agent/opa","creatorName":"open-policy-agent","creatorUrl":"https://github.com/open-policy-agent","sourceUrl":"https://github.com/open-policy-agent/opa","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/open-policy-agent-opa#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":11850,"forks":1588,"downloads":0,"rating":0,"review_count":0,"quality_score":71.72},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"12K","tone":"positive"},{"label":"Freshness","value":"21d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Apache-2.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"12K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"12K stars, 1.6K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"21d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"Apache-2.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add open-policy-agent/opa"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/open-policy-agent/opa"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"12K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"12K stars, 1.6K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"21d since push"},{"status":"pass","label":"License clarity","detail":"Apache-2.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add open-policy-agent/opa"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/open-policy-agent/opa"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.6K forks","lastPushed":"21d since push","license":"Apache-2.0","repository":"https://github.com/open-policy-agent/opa","install":"npx skills add open-policy-agent/opa","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add open-policy-agent/opa","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","21d since push"]},"agentCompatibility":["Go","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","compliance","authorization","cloud-native","declarative","json"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add open-policy-agent/opa","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":11850,"starsLabel":"12K","forks":1588,"license":"Apache-2.0","qualityScore":100,"trustScore":92,"auditScore":95},"maintenance":{"status":"fresh","label":"21d since push","daysSincePush":21,"lastPushedAt":"2026-06-12T09:58:43+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","compliance","authorization","cloud-native","declarative","json"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Security and compliance","role":"Primary pick","primary_fit":"Security and compliance","best_for":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Security and compliance task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"open-policy-agent-opa","name":"Opa","description":"Open Policy Agent (OPA) is an open source, general-purpose policy engine.","category":"security","url":"https://www.openagentskill.com/skills/open-policy-agent-opa","repository":"https://github.com/open-policy-agent/opa","github_repo":"open-policy-agent/opa"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add open-policy-agent/opa","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add open-policy-agent/opa"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Opa\" agent skill from https://github.com/open-policy-agent/opa. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Opa\" as a Claude Code skill from https://github.com/open-policy-agent/opa. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Opa\" from https://github.com/open-policy-agent/opa into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."}],"handoff_url":"https://www.openagentskill.com/api/skills/open-policy-agent-opa/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/open-policy-agent-opa"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.6K forks","lastPushed":"21d since push","license":"Apache-2.0","repository":"https://github.com/open-policy-agent/opa","install":"npx skills add open-policy-agent/opa","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","compliance","authorization","cloud-native","declarative","json"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Opa in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"open-policy-agent-opa (Opa)","install_command":"npx skills add open-policy-agent/opa","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"open-policy-agent-opa","task":"Use Opa in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/open-policy-agent-opa","api":"https://www.openagentskill.com/api/agent/skills/open-policy-agent-opa","audit":"https://www.openagentskill.com/skills/open-policy-agent-opa/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=open-policy-agent-opa&task=Use%20Opa%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Opa%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Opa%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/open-policy-agent-opa/install","manifest":"https://www.openagentskill.com/api/registry/manifest/open-policy-agent-opa"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"open-policy-agent-opa","name":"Opa","description":"Open Policy Agent (OPA) is an open source, general-purpose policy engine.","category":"security","url":"https://www.openagentskill.com/skills/open-policy-agent-opa","repository":"https://github.com/open-policy-agent/opa","github_repo":"open-policy-agent/opa"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add open-policy-agent/opa","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add open-policy-agent/opa"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Opa\" agent skill from https://github.com/open-policy-agent/opa. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Opa\" as a Claude Code skill from https://github.com/open-policy-agent/opa. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Opa\" from https://github.com/open-policy-agent/opa into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine."}],"handoff_url":"https://www.openagentskill.com/api/skills/open-policy-agent-opa/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/open-policy-agent-opa"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.6K forks","lastPushed":"21d since push","license":"Apache-2.0","repository":"https://github.com/open-policy-agent/opa","install":"npx skills add open-policy-agent/opa","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","compliance","authorization","cloud-native","declarative","json"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Opa in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"open-policy-agent-opa (Opa)","install_command":"npx skills add open-policy-agent/opa","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"open-policy-agent-opa","task":"Use Opa in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/open-policy-agent-opa","api":"https://www.openagentskill.com/api/agent/skills/open-policy-agent-opa","audit":"https://www.openagentskill.com/skills/open-policy-agent-opa/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=open-policy-agent-opa&task=Use%20Opa%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Opa%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Opa%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/open-policy-agent-opa/install","manifest":"https://www.openagentskill.com/api/registry/manifest/open-policy-agent-opa"}},"platforms":["Go","Compliance","Claude Code"],"use_cases":[{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add open-policy-agent/opa","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add open-policy-agent/opa","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Opa\" agent skill from https://github.com/open-policy-agent/opa. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Opa\" as a Claude Code skill from https://github.com/open-policy-agent/opa. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Opa\" from https://github.com/open-policy-agent/opa into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Open Policy Agent (OPA) is an open source, general-purpose policy engine.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/open-policy-agent/opa","github_repo":"open-policy-agent/opa","version":"1.0.0","license":"Apache-2.0","updated_at":"2026-06-12T14:00:37.727371+00:00","canonical_key":"open-policy-agent/opa","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 11,850 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/open-policy-agent-opa","api":"https://www.openagentskill.com/api/agent/skills/open-policy-agent-opa","install_api":"https://www.openagentskill.com/api/skills/open-policy-agent-opa/install","audit":"https://www.openagentskill.com/skills/open-policy-agent-opa/audit","repository":"https://github.com/open-policy-agent/opa"}},{"rank":10,"match_score":15,"raw_match_score":125.8,"slug":"aquasecurity-trivy","name":"Trivy","description":"Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","tagline":"Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","category":"devops","tags":["kubernetes","devops","containers","devsecops","docker","go","golang","hacktoberfest","iac","infrastructure-as-code"],"author":{"name":"aquasecurity","verified":true,"url":"https://github.com/aquasecurity"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"aquasecurity/trivy","creatorName":"aquasecurity","creatorUrl":"https://github.com/aquasecurity","sourceUrl":"https://github.com/aquasecurity/trivy","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/aquasecurity-trivy#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":36459,"forks":479,"downloads":0,"rating":0,"review_count":0,"quality_score":75.13},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"36K","tone":"positive"},{"label":"Freshness","value":"18d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Apache-2.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"36K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":92,"weight":0.08,"status":"pass","detail":"36K stars, 479 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"18d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"Apache-2.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":80,"weight":0.12,"status":"info","detail":"external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add aquasecurity/trivy"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/aquasecurity/trivy"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"36K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"36K stars, 479 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"18d since push"},{"status":"pass","label":"License clarity","detail":"Apache-2.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add aquasecurity/trivy"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/aquasecurity/trivy"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"36K GitHub stars","repoActivity":"36K stars, 479 forks","lastPushed":"18d since push","license":"Apache-2.0","repository":"https://github.com/aquasecurity/trivy","install":"npx skills add aquasecurity/trivy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add aquasecurity/trivy","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","18d since push"]},"agentCompatibility":["Go","Kubernetes","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["devops","kubernetes","containers","devsecops","docker","go"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":86,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"workflow-automation","title":"Workflow automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add aquasecurity/trivy","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":36459,"starsLabel":"36K","forks":479,"license":"Apache-2.0","qualityScore":100,"trustScore":92,"auditScore":94},"maintenance":{"status":"fresh","label":"18d since push","daysSincePush":18,"lastPushedAt":"2026-06-15T09:49:39+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","devops","kubernetes","containers","devsecops","docker","go"]},"audit":{"audit_score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"aquasecurity-trivy","name":"Trivy","description":"Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","category":"devops","url":"https://www.openagentskill.com/skills/aquasecurity-trivy","repository":"https://github.com/aquasecurity/trivy","github_repo":"aquasecurity/trivy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Kubernetes","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add aquasecurity/trivy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add aquasecurity/trivy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Trivy\" agent skill from https://github.com/aquasecurity/trivy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Trivy\" as a Claude Code skill from https://github.com/aquasecurity/trivy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Trivy\" from https://github.com/aquasecurity/trivy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"}],"handoff_url":"https://www.openagentskill.com/api/skills/aquasecurity-trivy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/aquasecurity-trivy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"36K GitHub stars","repoActivity":"36K stars, 479 forks","lastPushed":"18d since push","license":"Apache-2.0","repository":"https://github.com/aquasecurity/trivy","install":"npx skills add aquasecurity/trivy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","kubernetes","containers","devsecops","docker","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"18d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Trivy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"aquasecurity-trivy (Trivy)","install_command":"npx skills add aquasecurity/trivy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"aquasecurity-trivy","task":"Use Trivy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/aquasecurity-trivy","api":"https://www.openagentskill.com/api/agent/skills/aquasecurity-trivy","audit":"https://www.openagentskill.com/skills/aquasecurity-trivy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=aquasecurity-trivy&task=Use%20Trivy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Trivy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Trivy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/aquasecurity-trivy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/aquasecurity-trivy"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"aquasecurity-trivy","name":"Trivy","description":"Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","category":"devops","url":"https://www.openagentskill.com/skills/aquasecurity-trivy","repository":"https://github.com/aquasecurity/trivy","github_repo":"aquasecurity/trivy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Kubernetes","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add aquasecurity/trivy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add aquasecurity/trivy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Trivy\" agent skill from https://github.com/aquasecurity/trivy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Trivy\" as a Claude Code skill from https://github.com/aquasecurity/trivy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Trivy\" from https://github.com/aquasecurity/trivy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more"}],"handoff_url":"https://www.openagentskill.com/api/skills/aquasecurity-trivy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/aquasecurity-trivy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"36K GitHub stars","repoActivity":"36K stars, 479 forks","lastPushed":"18d since push","license":"Apache-2.0","repository":"https://github.com/aquasecurity/trivy","install":"npx skills add aquasecurity/trivy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","kubernetes","containers","devsecops","docker","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"18d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Trivy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"aquasecurity-trivy (Trivy)","install_command":"npx skills add aquasecurity/trivy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"aquasecurity-trivy","task":"Use Trivy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/aquasecurity-trivy","api":"https://www.openagentskill.com/api/agent/skills/aquasecurity-trivy","audit":"https://www.openagentskill.com/skills/aquasecurity-trivy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=aquasecurity-trivy&task=Use%20Trivy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Trivy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Trivy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/aquasecurity-trivy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/aquasecurity-trivy"}},"platforms":["Go","Kubernetes","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"}],"install":"npx skills add aquasecurity/trivy","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add aquasecurity/trivy","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Trivy\" agent skill from https://github.com/aquasecurity/trivy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Trivy\" as a Claude Code skill from https://github.com/aquasecurity/trivy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Trivy\" from https://github.com/aquasecurity/trivy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/aquasecurity/trivy","github_repo":"aquasecurity/trivy","version":"1.0.0","license":"Apache-2.0","updated_at":"2026-06-16T10:01:50.843121+00:00","canonical_key":"aquasecurity/trivy","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 36,459 stars","Quality score 75/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/aquasecurity-trivy","api":"https://www.openagentskill.com/api/agent/skills/aquasecurity-trivy","install_api":"https://www.openagentskill.com/api/skills/aquasecurity-trivy/install","audit":"https://www.openagentskill.com/skills/aquasecurity-trivy/audit","repository":"https://github.com/aquasecurity/trivy"}}],"meta":{"endpoint":"/api/skills/search","canonical_agent_endpoint":"/api/agent/resolve","safety_policy":"Blocked candidates are excluded by default. Pass include_blocked=true only for manual audit workflows.","agent_friendly":true,"api_version":"1.0","generated_at":"2026-07-03T21:07:31.216Z"}}