{"query":"Terraform Security Scan","filters":{"category":null,"platform":null,"track":null,"safety":null,"include_blocked":false,"min_stars":0},"total":10,"skills":[{"rank":1,"match_score":99,"raw_match_score":932.5,"slug":"triat-terraform-security-scan","name":"Terraform Security Scan","description":"Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","tagline":"Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","category":"security","tags":["compliance","security","actions","aws","azure","ci","google-cloud-platform","hacktoberfest","scanner","static-analysis"],"author":{"name":"triat","verified":false,"url":"https://github.com/triat"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"triat/terraform-security-scan","creatorName":"triat","creatorUrl":"https://github.com/triat","sourceUrl":"https://github.com/triat/terraform-security-scan","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/triat-terraform-security-scan#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":112,"forks":29,"downloads":0,"rating":0,"review_count":0,"quality_score":33.07},"quality":{"score":47,"tier":"review","label":"Needs review","summary":"Inspect the repository carefully before adding it to an agent workflow.","signals":[{"label":"GitHub stars","value":"112","tone":"neutral"},{"label":"Freshness","value":"2y ago","tone":"warning"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":["Repository looks stale"]},"trust":{"version":"trust-score-v4","score":71,"tier":"review","label":"Manual review","summary":"Potentially useful, but at least one trust signal needs human inspection.","recommendedAction":"Inspect the repository, license, and recent activity before connecting it to agent workflows.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":62,"weight":0.13,"status":"info","detail":"112 GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":57,"weight":0.08,"status":"warn","detail":"112 stars, 29 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":38,"weight":0.14,"status":"fail","detail":"2y since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"command execution surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add triat/terraform-security-scan"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/triat/terraform-security-scan"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"info","label":"GitHub adoption","detail":"112 GitHub stars"},{"status":"warn","label":"Stars/forks activity","detail":"112 stars, 29 forks; issue activity unavailable in current metadata"},{"status":"fail","label":"Recent maintenance","detail":"2y since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface"},{"status":"pass","label":"Install availability","detail":"npx skills add triat/terraform-security-scan"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/triat/terraform-security-scan"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"warn","label":"Ownership","detail":"No approved owner claim yet"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["AI review approved","Install path is available","Repository evidence is available","Install command has no obvious high-risk pattern"],"warnings":["Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"],"evidence":{"stars":"112 GitHub stars","repoActivity":"112 stars, 29 forks","lastPushed":"2y since push","license":"MIT","repository":"https://github.com/triat/terraform-security-scan","install":"npx skills add triat/terraform-security-scan","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add triat/terraform-security-scan","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","2y since push"]},"agentCompatibility":["Shell","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["security","compliance","actions","aws","azure","ci"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"knownRisks":["Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"safety":{"score":36,"level":"avoid_auto_install","label":"Avoid automatic install","safety_tier":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","summary":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","36/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution","Repository appears stale"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","reasons":["High-risk permission hints: Shell or command execution","36/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"GitHub automation","description":"I need my agent to triage GitHub issues, review pull requests, and summarize repository changes.","useCases":[{"slug":"github-automation","title":"GitHub automation"},{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Shell"],"install":{"ready":true,"command":"npx skills add triat/terraform-security-scan","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":112,"starsLabel":"112","forks":29,"license":"MIT","qualityScore":47,"trustScore":71,"auditScore":64},"maintenance":{"status":"stale","label":"2y since push","daysSincePush":632,"lastPushedAt":"2024-10-09T06:55:36+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["Repository appears stale","Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"coverageTags":["Coding","GitHub automation","security","compliance","actions","aws","azure","ci"]},"audit":{"audit_score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"decision":{"readiness_score":37,"readiness_label":"Needs manual review","headline":"Needs validation for GitHub automation","role":"Needs validation","primary_fit":"GitHub automation","best_for":["GitHub automation workflows","Claude Code teams","builders willing to evaluate younger projects"],"risks":["Repository looks stale","No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one GitHub automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"triat-terraform-security-scan","name":"Terraform Security Scan","description":"Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","category":"security","url":"https://www.openagentskill.com/skills/triat-terraform-security-scan","repository":"https://github.com/triat/terraform-security-scan","github_repo":"triat/terraform-security-scan"},"suited_tasks":["GitHub automation workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect repository metadata","Compare code changes","Write concise engineering summaries","Inspect risky files","Prioritize findings"],"suited_agents":["Shell","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add triat/terraform-security-scan","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add triat/terraform-security-scan"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Terraform Security Scan\" agent skill from https://github.com/triat/terraform-security-scan. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Terraform Security Scan\" as a Claude Code skill from https://github.com/triat/terraform-security-scan. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Terraform Security Scan\" from https://github.com/triat/terraform-security-scan into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"}],"handoff_url":"https://www.openagentskill.com/api/skills/triat-terraform-security-scan/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/triat-terraform-security-scan"},"trust":{"score":71,"label":"Manual review","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"112 GitHub stars","repoActivity":"112 stars, 29 forks","lastPushed":"2y since push","license":"MIT","repository":"https://github.com/triat/terraform-security-scan","install":"npx skills add triat/terraform-security-scan","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","compliance","actions","aws","azure","ci"],"known_risks":["Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":47,"label":"Needs review"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"2y since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata"],"agent_contract":{"task_input":"Use Terraform Security Scan in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 71/100 Manual review","Audit: 64/100 Needs review","Safety: 36/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"triat-terraform-security-scan (Terraform Security Scan)","install_command":"npx skills add triat/terraform-security-scan","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"triat-terraform-security-scan","task":"Use Terraform Security Scan in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/triat-terraform-security-scan","api":"https://www.openagentskill.com/api/agent/skills/triat-terraform-security-scan","audit":"https://www.openagentskill.com/skills/triat-terraform-security-scan/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=triat-terraform-security-scan&task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/triat-terraform-security-scan/install","manifest":"https://www.openagentskill.com/api/registry/manifest/triat-terraform-security-scan"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"triat-terraform-security-scan","name":"Terraform Security Scan","description":"Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","category":"security","url":"https://www.openagentskill.com/skills/triat-terraform-security-scan","repository":"https://github.com/triat/terraform-security-scan","github_repo":"triat/terraform-security-scan"},"suited_tasks":["GitHub automation workflows","Claude Code teams","builders willing to evaluate younger projects","Inspect repository metadata","Compare code changes","Write concise engineering summaries","Inspect risky files","Prioritize findings"],"suited_agents":["Shell","Compliance","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add triat/terraform-security-scan","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add triat/terraform-security-scan"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Terraform Security Scan\" agent skill from https://github.com/triat/terraform-security-scan. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Terraform Security Scan\" as a Claude Code skill from https://github.com/triat/terraform-security-scan. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Terraform Security Scan\" from https://github.com/triat/terraform-security-scan into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec"}],"handoff_url":"https://www.openagentskill.com/api/skills/triat-terraform-security-scan/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/triat-terraform-security-scan"},"trust":{"score":71,"label":"Manual review","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"112 GitHub stars","repoActivity":"112 stars, 29 forks","lastPushed":"2y since push","license":"MIT","repository":"https://github.com/triat/terraform-security-scan","install":"npx skills add triat/terraform-security-scan","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","compliance","actions","aws","azure","ci"],"known_risks":["Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":64,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Repository appears stale","Repository looks stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata","Recent maintenance: 2y since push"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":47,"label":"Needs review"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"2y since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that require actively maintained dependencies","production agents without a repository review","Repository looks stale","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Repository appears stale","Quality score needs review","Stars/forks activity: 112 stars, 29 forks; issue activity unavailable in current metadata"],"agent_contract":{"task_input":"Use Terraform Security Scan in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 71/100 Manual review","Audit: 64/100 Needs review","Safety: 36/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"triat-terraform-security-scan (Terraform Security Scan)","install_command":"npx skills add triat/terraform-security-scan","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"triat-terraform-security-scan","task":"Use Terraform Security Scan in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/triat-terraform-security-scan","api":"https://www.openagentskill.com/api/agent/skills/triat-terraform-security-scan","audit":"https://www.openagentskill.com/skills/triat-terraform-security-scan/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=triat-terraform-security-scan&task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Terraform%20Security%20Scan%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/triat-terraform-security-scan/install","manifest":"https://www.openagentskill.com/api/registry/manifest/triat-terraform-security-scan"}},"platforms":["Shell","Compliance","Claude Code"],"use_cases":[{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"},{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"install":"npx skills add triat/terraform-security-scan","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add triat/terraform-security-scan","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Terraform Security Scan\" agent skill from https://github.com/triat/terraform-security-scan. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Terraform Security Scan\" as a Claude Code skill from https://github.com/triat/terraform-security-scan. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Terraform Security Scan\" from https://github.com/triat/terraform-security-scan into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/triat/terraform-security-scan","github_repo":"triat/terraform-security-scan","version":"1.0.0","license":"MIT","updated_at":"2026-06-21T06:54:52.836976+00:00","canonical_key":"triat/terraform-security-scan","recommendation_reasons":["Matches task terms: terraform, security, scan","Install handoff is available","Repository freshness signal is available","Registry match score 99"],"urls":{"web":"https://www.openagentskill.com/skills/triat-terraform-security-scan","api":"https://www.openagentskill.com/api/agent/skills/triat-terraform-security-scan","install_api":"https://www.openagentskill.com/api/skills/triat-terraform-security-scan/install","audit":"https://www.openagentskill.com/skills/triat-terraform-security-scan/audit","repository":"https://github.com/triat/terraform-security-scan"}},{"rank":2,"match_score":27,"raw_match_score":253,"slug":"hashicorp-terraform","name":"Terraform","description":"Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","tagline":"Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","category":"devops","tags":["terraform","infrastructure","devops","cloud","cloud-management","graph","infrastructure-as-code","go","github"],"author":{"name":"hashicorp","verified":true,"url":"https://github.com/hashicorp"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"hashicorp/terraform","creatorName":"hashicorp","creatorUrl":"https://github.com/hashicorp","sourceUrl":"https://github.com/hashicorp/terraform","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/hashicorp-terraform#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":48719,"forks":10374,"downloads":0,"rating":0,"review_count":0,"quality_score":76.01},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"49K","tone":"positive"},{"label":"Freshness","value":"17d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":90,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"49K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":100,"weight":0.08,"status":"pass","detail":"49K stars, 10K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"17d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add hashicorp/terraform"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/hashicorp/terraform"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"49K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"49K stars, 10K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"17d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add hashicorp/terraform"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/hashicorp/terraform"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","License clarity: Unknown"],"evidence":{"stars":"49K GitHub stars","repoActivity":"49K stars, 10K forks","lastPushed":"17d since push","license":"Unknown","repository":"https://github.com/hashicorp/terraform","install":"npx skills add hashicorp/terraform","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add hashicorp/terraform","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","No Agent Proven outcome evidence yet","17d since push"]},"agentCompatibility":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","License clarity: Unknown"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["devops","terraform","infrastructure","cloud","cloud-management","graph"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","License clarity: Unknown"]},"safety":{"score":77,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","summary":"Good audit and safety signals with no high-risk permission hints in public metadata.","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","auto_install_policy":"review","reasons":["Safe-to-try audit","77/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","reasons":["Safe-to-try audit","77/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"workflow-automation","title":"Workflow automation"},{"slug":"sports-analytics","title":"Sports analytics"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add hashicorp/terraform","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":48719,"starsLabel":"49K","forks":10374,"license":"Unknown","qualityScore":100,"trustScore":90,"auditScore":93},"maintenance":{"status":"fresh","label":"17d since push","daysSincePush":17,"lastPushedAt":"2026-06-16T09:56:55+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":true,"notes":["License is unclear","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","devops","terraform","infrastructure","cloud","cloud-management","graph"]},"audit":{"audit_score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"hashicorp-terraform","name":"Terraform","description":"Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","category":"devops","url":"https://www.openagentskill.com/skills/hashicorp-terraform","repository":"https://github.com/hashicorp/terraform","github_repo":"hashicorp/terraform"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Move data between tools","Transform files"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add hashicorp/terraform","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add hashicorp/terraform"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Terraform\" agent skill from https://github.com/hashicorp/terraform. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Terraform\" as a Claude Code skill from https://github.com/hashicorp/terraform. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Terraform\" from https://github.com/hashicorp/terraform into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."}],"handoff_url":"https://www.openagentskill.com/api/skills/hashicorp-terraform/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/hashicorp-terraform"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"49K GitHub stars","repoActivity":"49K stars, 10K forks","lastPushed":"17d since push","license":"Unknown","repository":"https://github.com/hashicorp/terraform","install":"npx skills add hashicorp/terraform","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["devops","terraform","infrastructure","cloud","cloud-management","graph"],"known_risks":["License is unclear","License clarity: Unknown"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Terraform in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 93/100 Safe to try","Safety: 77/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"hashicorp-terraform (Terraform)","install_command":"npx skills add hashicorp/terraform","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"hashicorp-terraform","task":"Use Terraform in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/hashicorp-terraform","api":"https://www.openagentskill.com/api/agent/skills/hashicorp-terraform","audit":"https://www.openagentskill.com/skills/hashicorp-terraform/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=hashicorp-terraform&task=Use%20Terraform%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Terraform%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Terraform%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/hashicorp-terraform/install","manifest":"https://www.openagentskill.com/api/registry/manifest/hashicorp-terraform"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"hashicorp-terraform","name":"Terraform","description":"Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","category":"devops","url":"https://www.openagentskill.com/skills/hashicorp-terraform","repository":"https://github.com/hashicorp/terraform","github_repo":"hashicorp/terraform"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Move data between tools","Transform files"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add hashicorp/terraform","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add hashicorp/terraform"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Terraform\" agent skill from https://github.com/hashicorp/terraform. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Terraform\" as a Claude Code skill from https://github.com/hashicorp/terraform. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Terraform\" from https://github.com/hashicorp/terraform into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned."}],"handoff_url":"https://www.openagentskill.com/api/skills/hashicorp-terraform/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/hashicorp-terraform"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"49K GitHub stars","repoActivity":"49K stars, 10K forks","lastPushed":"17d since push","license":"Unknown","repository":"https://github.com/hashicorp/terraform","install":"npx skills add hashicorp/terraform","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["devops","terraform","infrastructure","cloud","cloud-management","graph"],"known_risks":["License is unclear","License clarity: Unknown"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":["License is unclear","License clarity: Unknown"]},"safety_gate":{"tier":"reviewed","label":"Reviewed","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","License is unclear","License clarity: Unknown","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace"],"agent_contract":{"task_input":"Use Terraform in an agent workflow","recommended_action":"Review the audit page, then allow agent install in a sandboxed workflow.","install_policy":"review","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 93/100 Safe to try","Safety: 77/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"hashicorp-terraform (Terraform)","install_command":"npx skills add hashicorp/terraform","risk_summary":"Safe to try; Reviewed; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"hashicorp-terraform","task":"Use Terraform in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/hashicorp-terraform","api":"https://www.openagentskill.com/api/agent/skills/hashicorp-terraform","audit":"https://www.openagentskill.com/skills/hashicorp-terraform/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=hashicorp-terraform&task=Use%20Terraform%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Terraform%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Terraform%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/hashicorp-terraform/install","manifest":"https://www.openagentskill.com/api/registry/manifest/hashicorp-terraform"}},"platforms":["Go","Terraform","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"},{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"}],"install":"npx skills add hashicorp/terraform","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add hashicorp/terraform","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Terraform\" agent skill from https://github.com/hashicorp/terraform. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Terraform\" as a Claude Code skill from https://github.com/hashicorp/terraform. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Terraform\" from https://github.com/hashicorp/terraform into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/hashicorp/terraform","github_repo":"hashicorp/terraform","version":"1.0.0","license":"Unknown","updated_at":"2026-06-16T10:02:00.760267+00:00","canonical_key":"hashicorp/terraform","recommendation_reasons":["Matches task terms: terraform, security","Strong GitHub adoption: 48,719 stars","Quality score 76/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/hashicorp-terraform","api":"https://www.openagentskill.com/api/agent/skills/hashicorp-terraform","install_api":"https://www.openagentskill.com/api/skills/hashicorp-terraform/install","audit":"https://www.openagentskill.com/skills/hashicorp-terraform/audit","repository":"https://github.com/hashicorp/terraform"}},{"rank":3,"match_score":25,"raw_match_score":236.6,"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","tagline":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","tags":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest","nuclei-engine","security-scanner","subdomain-takeover","vulnerability-assessment"],"author":{"name":"projectdiscovery","verified":true,"url":"https://github.com/projectdiscovery"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"projectdiscovery/nuclei","creatorName":"projectdiscovery","creatorUrl":"https://github.com/projectdiscovery","sourceUrl":"https://github.com/projectdiscovery/nuclei","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/projectdiscovery-nuclei#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":29159,"forks":3484,"downloads":0,"rating":0,"review_count":0,"quality_score":74.45},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"29K","tone":"positive"},{"label":"Freshness","value":"20d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":93,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"29K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"29K stars, 3.5K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"20d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add projectdiscovery/nuclei"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/projectdiscovery/nuclei"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"29K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"29K stars, 3.5K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"20d since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add projectdiscovery/nuclei"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/projectdiscovery/nuclei"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add projectdiscovery/nuclei","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","20d since push"]},"agentCompatibility":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add projectdiscovery/nuclei","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":29159,"starsLabel":"29K","forks":3484,"license":"MIT","qualityScore":100,"trustScore":93,"auditScore":95},"maintenance":{"status":"fresh","label":"20d since push","daysSincePush":20,"lastPushedAt":"2026-06-13T15:43:40+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Security and compliance","role":"Primary pick","primary_fit":"Security and compliance","best_for":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Security and compliance task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","url":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add projectdiscovery/nuclei","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."}],"handoff_url":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"20d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Nuclei in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"projectdiscovery-nuclei (Nuclei)","install_command":"npx skills add projectdiscovery/nuclei","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"projectdiscovery-nuclei","task":"Use Nuclei in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=projectdiscovery-nuclei&task=Use%20Nuclei%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"projectdiscovery-nuclei","name":"Nuclei","description":"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","category":"security","url":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add projectdiscovery/nuclei","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations."}],"handoff_url":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"},"trust":{"score":93,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"29K GitHub stars","repoActivity":"29K stars, 3.5K forks","lastPushed":"20d since push","license":"MIT","repository":"https://github.com/projectdiscovery/nuclei","install":"npx skills add projectdiscovery/nuclei","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","attack-surface","cve-scanner","dast","hacktoberfest"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"20d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Nuclei in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 93/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"projectdiscovery-nuclei (Nuclei)","install_command":"npx skills add projectdiscovery/nuclei","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"projectdiscovery-nuclei","task":"Use Nuclei in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=projectdiscovery-nuclei&task=Use%20Nuclei%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Nuclei%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","manifest":"https://www.openagentskill.com/api/registry/manifest/projectdiscovery-nuclei"}},"platforms":["Go","Security","Claude Code"],"use_cases":[{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"}],"install":"npx skills add projectdiscovery/nuclei","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add projectdiscovery/nuclei","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Nuclei\" agent skill from https://github.com/projectdiscovery/nuclei. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Nuclei\" as a Claude Code skill from https://github.com/projectdiscovery/nuclei. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Nuclei\" from https://github.com/projectdiscovery/nuclei into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/projectdiscovery/nuclei","github_repo":"projectdiscovery/nuclei","version":"1.0.0","license":"MIT","updated_at":"2026-06-14T11:01:35.485615+00:00","canonical_key":"projectdiscovery/nuclei","recommendation_reasons":["Matches task terms: security, scan","Strong GitHub adoption: 29,159 stars","Quality score 74/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/projectdiscovery-nuclei","api":"https://www.openagentskill.com/api/agent/skills/projectdiscovery-nuclei","install_api":"https://www.openagentskill.com/api/skills/projectdiscovery-nuclei/install","audit":"https://www.openagentskill.com/skills/projectdiscovery-nuclei/audit","repository":"https://github.com/projectdiscovery/nuclei"}},{"rank":4,"match_score":25,"raw_match_score":236.6,"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","tagline":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","tags":["security","secret-scanning","acme","certificate-management","cli","environment-variables","go","golang","node-js","open-source"],"author":{"name":"Infisical","verified":true,"url":"https://github.com/Infisical"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"Infisical/infisical","creatorName":"Infisical","creatorUrl":"https://github.com/Infisical","sourceUrl":"https://github.com/Infisical/infisical","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/infisical-infisical#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":27445,"forks":1999,"downloads":0,"rating":0,"review_count":0,"quality_score":74.27},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"27K","tone":"positive"},{"label":"Freshness","value":"13d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Unknown","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":83,"tier":"strong","label":"Strong shortlist","summary":"Good trust signals with a few areas worth checking before rollout.","recommendedAction":"Test in a sandbox workflow and compare its install path with close alternatives.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"27K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"27K stars, 2.0K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"13d since push"},{"id":"license","label":"License clarity","score":42,"weight":0.09,"status":"warn","detail":"Unknown"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":54,"weight":0.12,"status":"warn","detail":"command execution surface, credential or environment access"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add Infisical/infisical"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":36,"weight":0.07,"status":"fail","detail":"secrets or environment access, shell or command execution"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/Infisical/infisical"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"27K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"27K stars, 2.0K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"13d since push"},{"status":"warn","label":"License clarity","detail":"Unknown"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"warn","label":"Dependency/runtime risk","detail":"command execution surface, credential or environment access"},{"status":"pass","label":"Install availability","detail":"npx skills add Infisical/infisical"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"fail","label":"Permission surface","detail":"secrets or environment access, shell or command execution"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/Infisical/infisical"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"],"evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add Infisical/infisical","policy":"human_review_before_install","label":"Human review before install","notes":["Install path is available","Repository evidence is available","License is unclear","No Agent Proven outcome evidence yet","13d since push"]},"agentCompatibility":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":false,"sandboxRequired":true,"policy":"human_review_before_install","reason":"Human review or sandbox validation is required before automatic installation."},"bestFor":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface","Automatic installation in a production workspace","Commercial reuse before clarifying license terms"],"knownRisks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety":{"score":49,"level":"avoid_auto_install","label":"Avoid automatic install","safety_tier":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","summary":"Sparse or mixed signals. Useful for discovery, but not for autonomous installation.","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","auto_install_policy":"review","reasons":["Metadata combines secrets access with shell or command execution","High-risk permission hints: Shell or command execution, Secrets or environment access","49/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"},{"id":"secrets","label":"Secrets or environment access","reason":"Skill metadata references credentials, tokens, environment variables, or secret-bearing workflows.","severity":"high"}],"policy_warnings":["High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"experimental","label":"Experimental","badge":"EXPERIMENTAL","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","reasons":["Metadata combines secrets access with shell or command execution","High-risk permission hints: Shell or command execution, Secrets or environment access","49/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"browser-automation","title":"Browser automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","TypeScript"],"install":{"ready":true,"command":"npx skills add Infisical/infisical","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":27445,"starsLabel":"27K","forks":1999,"license":"Unknown","qualityScore":100,"trustScore":83,"auditScore":89},"maintenance":{"status":"fresh","label":"13d since push","daysSincePush":13,"lastPushedAt":"2026-06-20T04:54:50+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown"]},"coverageTags":["Coding","Coding agents","security","secret-scanning","acme","certificate-management","cli","environment-variables"]},"audit":{"audit_score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","url":"https://www.openagentskill.com/skills/infisical-infisical","repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add Infisical/infisical","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add Infisical/infisical"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."}],"handoff_url":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"},"trust":{"score":83,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"known_risks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"13d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution"],"agent_contract":{"task_input":"Use Infisical in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 83/100 Strong shortlist","Audit: 89/100 Needs review","Safety: 49/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"infisical-infisical (Infisical)","install_command":"npx skills add Infisical/infisical","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"infisical-infisical","task":"Use Infisical in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=infisical-infisical&task=Use%20Infisical%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"infisical-infisical","name":"Infisical","description":"Infisical is the open-source platform for secrets, certificates, and privileged access management.","category":"security","url":"https://www.openagentskill.com/skills/infisical-infisical","repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["TypeScript","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add Infisical/infisical","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add Infisical/infisical"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management."}],"handoff_url":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"},"trust":{"score":83,"label":"Strong shortlist","version":"trust-score-v4","install_policy":"human_review_before_install","evidence":{"stars":"27K GitHub stars","repoActivity":"27K stars, 2.0K forks","lastPushed":"13d since push","license":"Unknown","repository":"https://github.com/Infisical/infisical","install":"npx skills add Infisical/infisical","installSafety":"standard package or runtime install path","permissionSurface":"secrets or environment access, shell or command execution","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":false,"sandbox_required":true,"reason":"Human review or sandbox validation is required before automatic installation."},"best_for":["security","secret-scanning","acme","certificate-management","cli","environment-variables"],"known_risks":["License is unclear","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":89,"risk_level":"needs_review","risk_label":"Needs review","warnings":["License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution","License clarity: Unknown","Dependency/runtime risk: command execution surface, credential or environment access","Permission surface: secrets or environment access, shell or command execution"]},"safety_gate":{"tier":"experimental","label":"Experimental","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Test manually in an isolated workspace and compare against safer alternatives."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"13d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution, Secrets or environment access","License is unclear","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: secrets or environment access, shell or command execution"],"agent_contract":{"task_input":"Use Infisical in an agent workflow","recommended_action":"Test manually in an isolated workspace and compare against safer alternatives.","install_policy":"review","minimum_review_before_use":["Trust: 83/100 Strong shortlist","Audit: 89/100 Needs review","Safety: 49/100 Avoid automatic install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"infisical-infisical (Infisical)","install_command":"npx skills add Infisical/infisical","risk_summary":"Needs review; Experimental; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"infisical-infisical","task":"Use Infisical in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=infisical-infisical&task=Use%20Infisical%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Infisical%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/infisical-infisical/install","manifest":"https://www.openagentskill.com/api/registry/manifest/infisical-infisical"}},"platforms":["TypeScript","Security","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add Infisical/infisical","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add Infisical/infisical","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Infisical\" agent skill from https://github.com/Infisical/infisical. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Infisical\" as a Claude Code skill from https://github.com/Infisical/infisical. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Infisical\" from https://github.com/Infisical/infisical into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Infisical is the open-source platform for secrets, certificates, and privileged access management.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/Infisical/infisical","github_repo":"Infisical/infisical","version":"1.0.0","license":"Unknown","updated_at":"2026-06-21T01:41:03.396501+00:00","canonical_key":"infisical/infisical","recommendation_reasons":["Matches task terms: security, scan","Strong GitHub adoption: 27,445 stars","Quality score 74/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/infisical-infisical","api":"https://www.openagentskill.com/api/agent/skills/infisical-infisical","install_api":"https://www.openagentskill.com/api/skills/infisical-infisical/install","audit":"https://www.openagentskill.com/skills/infisical-infisical/audit","repository":"https://github.com/Infisical/infisical"}},{"rank":5,"match_score":25,"raw_match_score":235,"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","tagline":"The ZAP by Checkmarx Core project","category":"security","tags":["security","scanner","appsec","dast","hacktoberfest","opensource","security-scanner","zap","zap-development","zaproxy"],"author":{"name":"zaproxy","verified":true,"url":"https://github.com/zaproxy"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"zaproxy/zaproxy","creatorName":"zaproxy","creatorUrl":"https://github.com/zaproxy","sourceUrl":"https://github.com/zaproxy/zaproxy","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/zaproxy-zaproxy#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":15281,"forks":2570,"downloads":0,"rating":0,"review_count":0,"quality_score":72.49},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"15K","tone":"positive"},{"label":"Freshness","value":"22d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"Apache-2.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"15K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"15K stars, 2.6K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"22d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"Apache-2.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add zaproxy/zaproxy"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/zaproxy/zaproxy"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"15K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"15K stars, 2.6K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"22d since push"},{"status":"pass","label":"License clarity","detail":"Apache-2.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add zaproxy/zaproxy"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/zaproxy/zaproxy"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add zaproxy/zaproxy","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","22d since push"]},"agentCompatibility":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","appsec","dast","hacktoberfest","opensource"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"workflow-automation","title":"Workflow automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Java"],"install":{"ready":true,"command":"npx skills add zaproxy/zaproxy","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":15281,"starsLabel":"15K","forks":2570,"license":"Apache-2.0","qualityScore":100,"trustScore":92,"auditScore":95},"maintenance":{"status":"fresh","label":"22d since push","daysSincePush":22,"lastPushedAt":"2026-06-11T09:00:42+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","appsec","dast","hacktoberfest","opensource"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","category":"security","url":"https://www.openagentskill.com/skills/zaproxy-zaproxy","repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add zaproxy/zaproxy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add zaproxy/zaproxy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project"}],"handoff_url":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","appsec","dast","hacktoberfest","opensource"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Zaproxy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"zaproxy-zaproxy (Zaproxy)","install_command":"npx skills add zaproxy/zaproxy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"zaproxy-zaproxy","task":"Use Zaproxy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=zaproxy-zaproxy&task=Use%20Zaproxy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"zaproxy-zaproxy","name":"Zaproxy","description":"The ZAP by Checkmarx Core project","category":"security","url":"https://www.openagentskill.com/skills/zaproxy-zaproxy","repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Java","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add zaproxy/zaproxy","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add zaproxy/zaproxy"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project"}],"handoff_url":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"15K GitHub stars","repoActivity":"15K stars, 2.6K forks","lastPushed":"22d since push","license":"Apache-2.0","repository":"https://github.com/zaproxy/zaproxy","install":"npx skills add zaproxy/zaproxy","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","appsec","dast","hacktoberfest","opensource"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"22d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Zaproxy in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"zaproxy-zaproxy (Zaproxy)","install_command":"npx skills add zaproxy/zaproxy","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"zaproxy-zaproxy","task":"Use Zaproxy in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=zaproxy-zaproxy&task=Use%20Zaproxy%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Zaproxy%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","manifest":"https://www.openagentskill.com/api/registry/manifest/zaproxy-zaproxy"}},"platforms":["Java","Security","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"sports-analytics","title":"Sports analytics","url":"https://www.openagentskill.com/use-cases/sports-analytics"}],"install":"npx skills add zaproxy/zaproxy","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add zaproxy/zaproxy","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Zaproxy\" agent skill from https://github.com/zaproxy/zaproxy. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: The ZAP by Checkmarx Core project","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Zaproxy\" as a Claude Code skill from https://github.com/zaproxy/zaproxy. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: The ZAP by Checkmarx Core project","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Zaproxy\" from https://github.com/zaproxy/zaproxy into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: The ZAP by Checkmarx Core project","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/zaproxy/zaproxy","github_repo":"zaproxy/zaproxy","version":"1.0.0","license":"Apache-2.0","updated_at":"2026-06-14T11:01:35.534416+00:00","canonical_key":"zaproxy/zaproxy","recommendation_reasons":["Matches task terms: security, scan","Strong GitHub adoption: 15,281 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/zaproxy-zaproxy","api":"https://www.openagentskill.com/api/agent/skills/zaproxy-zaproxy","install_api":"https://www.openagentskill.com/api/skills/zaproxy-zaproxy/install","audit":"https://www.openagentskill.com/skills/zaproxy-zaproxy/audit","repository":"https://github.com/zaproxy/zaproxy"}},{"rank":6,"match_score":25,"raw_match_score":234.4,"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","tagline":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","tags":["security","scanner","administrator","cybersecurity","freebsd","go","golang","linux","security-audit","security-automation"],"author":{"name":"future-architect","verified":true,"url":"https://github.com/future-architect"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"future-architect/vuls","creatorName":"future-architect","creatorUrl":"https://github.com/future-architect","sourceUrl":"https://github.com/future-architect/vuls","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/future-architect-vuls#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":12181,"forks":1235,"downloads":0,"rating":0,"review_count":0,"quality_score":71.8},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"12K","tone":"positive"},{"label":"Freshness","value":"21d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"12K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"12K stars, 1.2K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"21d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":80,"weight":0.12,"status":"info","detail":"external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add future-architect/vuls"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":72,"weight":0.07,"status":"info","detail":"filesystem or document access, network or browser access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/future-architect/vuls"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"12K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"12K stars, 1.2K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"21d since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add future-architect/vuls"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"filesystem or document access, network or browser access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/future-architect/vuls"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add future-architect/vuls","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","21d since push"]},"agentCompatibility":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["security","scanner","administrator","cybersecurity","freebsd","go"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":86,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","86/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"security-compliance","title":"Security and compliance"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add future-architect/vuls","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":12181,"starsLabel":"12K","forks":1235,"license":"GPL-3.0","qualityScore":100,"trustScore":92,"auditScore":94},"maintenance":{"status":"fresh","label":"21d since push","daysSincePush":21,"lastPushedAt":"2026-06-12T04:28:13+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","security","scanner","administrator","cybersecurity","freebsd","go"]},"audit":{"audit_score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Security and compliance","role":"Primary pick","primary_fit":"Security and compliance","best_for":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Security and compliance task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","url":"https://www.openagentskill.com/skills/future-architect-vuls","repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add future-architect/vuls","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add future-architect/vuls"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"}],"handoff_url":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","administrator","cybersecurity","freebsd","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Vuls in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"future-architect-vuls (Vuls)","install_command":"npx skills add future-architect/vuls","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"future-architect-vuls","task":"Use Vuls in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=future-architect-vuls&task=Use%20Vuls%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"future-architect-vuls","name":"Vuls","description":"Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","category":"security","url":"https://www.openagentskill.com/skills/future-architect-vuls","repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls"},"suited_tasks":["Security and compliance workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect risky files","Prioritize findings","Explain remediation steps","Inspect source files","Explain architecture"],"suited_agents":["Go","Security","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add future-architect/vuls","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add future-architect/vuls"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices"}],"handoff_url":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"12K GitHub stars","repoActivity":"12K stars, 1.2K forks","lastPushed":"21d since push","license":"GPL-3.0","repository":"https://github.com/future-architect/vuls","install":"npx skills add future-architect/vuls","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["security","scanner","administrator","cybersecurity","freebsd","go"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":94,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"21d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Vuls in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 94/100 Safe to try","Safety: 86/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"future-architect-vuls (Vuls)","install_command":"npx skills add future-architect/vuls","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"future-architect-vuls","task":"Use Vuls in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=future-architect-vuls&task=Use%20Vuls%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Vuls%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","manifest":"https://www.openagentskill.com/api/registry/manifest/future-architect-vuls"}},"platforms":["Go","Security","Claude Code"],"use_cases":[{"slug":"security-compliance","title":"Security and compliance","url":"https://www.openagentskill.com/use-cases/security-compliance"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add future-architect/vuls","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add future-architect/vuls","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Vuls\" agent skill from https://github.com/future-architect/vuls. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Vuls\" as a Claude Code skill from https://github.com/future-architect/vuls. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Vuls\" from https://github.com/future-architect/vuls into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/future-architect/vuls","github_repo":"future-architect/vuls","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-14T11:01:35.56216+00:00","canonical_key":"future-architect/vuls","recommendation_reasons":["Matches task terms: security, scan","Strong GitHub adoption: 12,181 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/future-architect-vuls","api":"https://www.openagentskill.com/api/agent/skills/future-architect-vuls","install_api":"https://www.openagentskill.com/api/skills/future-architect-vuls/install","audit":"https://www.openagentskill.com/skills/future-architect-vuls/audit","repository":"https://github.com/future-architect/vuls"}},{"rank":7,"match_score":24,"raw_match_score":224,"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","tagline":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","tags":["static-analysis","code-quality","android-security","api-testing","apk","cwe","devsecops","dynamic-analysis","ios-security","malware-analysis"],"author":{"name":"MobSF","verified":true,"url":"https://github.com/MobSF"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"MobSF/Mobile-Security-Framework-MobSF","creatorName":"MobSF","creatorUrl":"https://github.com/MobSF","sourceUrl":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":21211,"forks":3697,"downloads":0,"rating":0,"review_count":0,"quality_score":73.49},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"21K","tone":"positive"},{"label":"Freshness","value":"2mo ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"GPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":90,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"21K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"21K stars, 3.7K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":88,"weight":0.14,"status":"pass","detail":"2mo since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"GPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":82,"weight":0.12,"status":"pass","detail":"network or browser surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":72,"weight":0.07,"status":"info","detail":"filesystem or document access, network or browser access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"21K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"21K stars, 3.7K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"2mo since push"},{"status":"pass","label":"License clarity","detail":"GPL-3.0"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"pass","label":"Dependency/runtime risk","detail":"network or browser surface"},{"status":"pass","label":"Install availability","detail":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"filesystem or document access, network or browser access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","2mo since push"]},"agentCompatibility":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["development","static-analysis","code-quality","android-security","api-testing","apk"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":84,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","84/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","84/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"browser-automation","title":"Browser automation"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","JavaScript"],"install":{"ready":true,"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":21211,"starsLabel":"21K","forks":3697,"license":"GPL-3.0","qualityScore":100,"trustScore":90,"auditScore":92},"maintenance":{"status":"active","label":"2mo since push","daysSincePush":45,"lastPushedAt":"2026-05-19T21:45:53+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","development","static-analysis","code-quality","android-security","api-testing","apk"]},"audit":{"audit_score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","url":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Navigate pages","Click and type safely"],"suited_agents":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."}],"handoff_url":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","android-security","api-testing","apk"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"2mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Mobile Security Framework MobSF in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 92/100 Safe to try","Safety: 84/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mobsf-mobile-security-framework-mobsf (Mobile Security Framework MobSF)","install_command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mobsf-mobile-security-framework-mobsf","task":"Use Mobile Security Framework MobSF in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mobsf-mobile-security-framework-mobsf&task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mobsf-mobile-security-framework-mobsf","name":"Mobile Security Framework MobSF","description":"Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","category":"development","url":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Navigate pages","Click and type safely"],"suited_agents":["JavaScript","Static Analysis","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis."}],"handoff_url":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"21K GitHub stars","repoActivity":"21K stars, 3.7K forks","lastPushed":"2mo since push","license":"GPL-3.0","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access, network or browser access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["development","static-analysis","code-quality","android-security","api-testing","apk"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"2mo since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Mobile Security Framework MobSF in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 92/100 Safe to try","Safety: 84/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mobsf-mobile-security-framework-mobsf (Mobile Security Framework MobSF)","install_command":"npx skills add MobSF/Mobile-Security-Framework-MobSF","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mobsf-mobile-security-framework-mobsf","task":"Use Mobile Security Framework MobSF in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mobsf-mobile-security-framework-mobsf&task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Mobile%20Security%20Framework%20MobSF%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mobsf-mobile-security-framework-mobsf"}},"platforms":["JavaScript","Static Analysis","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add MobSF/Mobile-Security-Framework-MobSF","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add MobSF/Mobile-Security-Framework-MobSF","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Mobile Security Framework MobSF\" agent skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Mobile Security Framework MobSF\" as a Claude Code skill from https://github.com/MobSF/Mobile-Security-Framework-MobSF. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Mobile Security Framework MobSF\" from https://github.com/MobSF/Mobile-Security-Framework-MobSF into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF","github_repo":"MobSF/Mobile-Security-Framework-MobSF","version":"1.0.0","license":"GPL-3.0","updated_at":"2026-06-14T11:01:15.92607+00:00","canonical_key":"mobsf/mobile-security-framework-mobsf","recommendation_reasons":["Matches task terms: security","Strong GitHub adoption: 21,211 stars","Quality score 73/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf","api":"https://www.openagentskill.com/api/agent/skills/mobsf-mobile-security-framework-mobsf","install_api":"https://www.openagentskill.com/api/skills/mobsf-mobile-security-framework-mobsf/install","audit":"https://www.openagentskill.com/skills/mobsf-mobile-security-framework-mobsf/audit","repository":"https://github.com/MobSF/Mobile-Security-Framework-MobSF"}},{"rank":8,"match_score":21,"raw_match_score":195.1,"slug":"mikefarah-yq","name":"Yq","description":"yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL  and properties processor","tagline":"yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL  and properties processor","category":"devops","tags":["terraform","infrastructure","devops","bash","cli","csv","devops-tools","golang","hcl","json"],"author":{"name":"mikefarah","verified":true,"url":"https://github.com/mikefarah"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"mikefarah/yq","creatorName":"mikefarah","creatorUrl":"https://github.com/mikefarah","sourceUrl":"https://github.com/mikefarah/yq","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/mikefarah-yq#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":15552,"forks":782,"downloads":0,"rating":0,"review_count":0,"quality_score":72.54},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"16K","tone":"positive"},{"label":"Freshness","value":"17d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":90,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"16K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":92,"weight":0.08,"status":"pass","detail":"16K stars, 782 forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"17d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":72,"weight":0.12,"status":"info","detail":"command execution surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add mikefarah/yq"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":62,"weight":0.07,"status":"info","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/mikefarah/yq"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"16K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"16K stars, 782 forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"17d since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"info","label":"Dependency/runtime risk","detail":"command execution surface"},{"status":"pass","label":"Install availability","detail":"npx skills add mikefarah/yq"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"info","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/mikefarah/yq"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 782 forks","lastPushed":"17d since push","license":"MIT","repository":"https://github.com/mikefarah/yq","install":"npx skills add mikefarah/yq","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add mikefarah/yq","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","17d since push"]},"agentCompatibility":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["devops","terraform","infrastructure","bash","cli","csv"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":65,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","65/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["High-risk permission hints: Shell or command execution","65/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"workflow-automation","title":"Workflow automation"},{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add mikefarah/yq","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":15552,"starsLabel":"16K","forks":782,"license":"MIT","qualityScore":100,"trustScore":90,"auditScore":93},"maintenance":{"status":"fresh","label":"17d since push","daysSincePush":17,"lastPushedAt":"2026-06-16T06:46:43+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","devops","terraform","infrastructure","bash","cli","csv"]},"audit":{"audit_score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Workflow automation","role":"Primary pick","primary_fit":"Workflow automation","best_for":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Workflow automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mikefarah-yq","name":"Yq","description":"yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL  and properties processor","category":"devops","url":"https://www.openagentskill.com/skills/mikefarah-yq","repository":"https://github.com/mikefarah/yq","github_repo":"mikefarah/yq"},"suited_tasks":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals","Move data between tools","Transform files","Trigger repeatable actions","Inspect source files","Explain architecture"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add mikefarah/yq","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add mikefarah/yq"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Yq\" agent skill from https://github.com/mikefarah/yq. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Yq\" as a Claude Code skill from https://github.com/mikefarah/yq. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Yq\" from https://github.com/mikefarah/yq into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"}],"handoff_url":"https://www.openagentskill.com/api/skills/mikefarah-yq/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mikefarah-yq"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 782 forks","lastPushed":"17d since push","license":"MIT","repository":"https://github.com/mikefarah/yq","install":"npx skills add mikefarah/yq","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","bash","cli","csv"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Yq in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 93/100 Safe to try","Safety: 65/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mikefarah-yq (Yq)","install_command":"npx skills add mikefarah/yq","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mikefarah-yq","task":"Use Yq in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mikefarah-yq","api":"https://www.openagentskill.com/api/agent/skills/mikefarah-yq","audit":"https://www.openagentskill.com/skills/mikefarah-yq/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mikefarah-yq&task=Use%20Yq%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Yq%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Yq%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mikefarah-yq/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mikefarah-yq"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"mikefarah-yq","name":"Yq","description":"yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL  and properties processor","category":"devops","url":"https://www.openagentskill.com/skills/mikefarah-yq","repository":"https://github.com/mikefarah/yq","github_repo":"mikefarah/yq"},"suited_tasks":["Workflow automation workflows","Claude Code teams","teams that value GitHub adoption signals","Move data between tools","Transform files","Trigger repeatable actions","Inspect source files","Explain architecture"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add mikefarah/yq","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add mikefarah/yq"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Yq\" agent skill from https://github.com/mikefarah/yq. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Yq\" as a Claude Code skill from https://github.com/mikefarah/yq. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Yq\" from https://github.com/mikefarah/yq into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor"}],"handoff_url":"https://www.openagentskill.com/api/skills/mikefarah-yq/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/mikefarah-yq"},"trust":{"score":90,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"16K GitHub stars","repoActivity":"16K stars, 782 forks","lastPushed":"17d since push","license":"MIT","repository":"https://github.com/mikefarah/yq","install":"npx skills add mikefarah/yq","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","bash","cli","csv"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":93,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Yq in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 90/100 Production candidate","Audit: 93/100 Safe to try","Safety: 65/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"mikefarah-yq (Yq)","install_command":"npx skills add mikefarah/yq","risk_summary":"Safe to try; Reviewed with permission notes; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"mikefarah-yq","task":"Use Yq in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/mikefarah-yq","api":"https://www.openagentskill.com/api/agent/skills/mikefarah-yq","audit":"https://www.openagentskill.com/skills/mikefarah-yq/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=mikefarah-yq&task=Use%20Yq%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Yq%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Yq%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/mikefarah-yq/install","manifest":"https://www.openagentskill.com/api/registry/manifest/mikefarah-yq"}},"platforms":["Go","Terraform","Claude Code"],"use_cases":[{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"}],"install":"npx skills add mikefarah/yq","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add mikefarah/yq","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Yq\" agent skill from https://github.com/mikefarah/yq. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Yq\" as a Claude Code skill from https://github.com/mikefarah/yq. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Yq\" from https://github.com/mikefarah/yq into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: yq is a portable command-line YAML, JSON, XML, CSV, TOML, HCL and properties processor","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/mikefarah/yq","github_repo":"mikefarah/yq","version":"1.0.0","license":"MIT","updated_at":"2026-06-16T10:02:00.790579+00:00","canonical_key":"mikefarah/yq","recommendation_reasons":["Matches task terms: terraform, security","Strong GitHub adoption: 15,552 stars","Quality score 73/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/mikefarah-yq","api":"https://www.openagentskill.com/api/agent/skills/mikefarah-yq","install_api":"https://www.openagentskill.com/api/skills/mikefarah-yq/install","audit":"https://www.openagentskill.com/skills/mikefarah-yq/audit","repository":"https://github.com/mikefarah/yq"}},{"rank":9,"match_score":21,"raw_match_score":194.7,"slug":"semaphoreui-semaphore","name":"Semaphore","description":"Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","tagline":"Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","category":"devops","tags":["terraform","infrastructure","devops","ansible","awx","ci","cicd","docker","docker-ui","go"],"author":{"name":"semaphoreui","verified":true,"url":"https://github.com/semaphoreui"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"semaphoreui/semaphore","creatorName":"semaphoreui","creatorUrl":"https://github.com/semaphoreui","sourceUrl":"https://github.com/semaphoreui/semaphore","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/semaphoreui-semaphore#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":13764,"forks":1264,"downloads":0,"rating":0,"review_count":0,"quality_score":72.17},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"14K","tone":"positive"},{"label":"Freshness","value":"18d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"MIT","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":88,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"14K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"14K stars, 1.3K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"18d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"MIT"},{"id":"documentation","label":"README/SKILL.md completeness","score":90,"weight":0.14,"status":"pass","detail":"Metadata includes enough usage and workflow context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":54,"weight":0.12,"status":"warn","detail":"command execution surface, external package install surface"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add semaphoreui/semaphore"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":48,"weight":0.07,"status":"warn","detail":"shell or command execution, filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/semaphoreui/semaphore"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"14K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"14K stars, 1.3K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"18d since push"},{"status":"pass","label":"License clarity","detail":"MIT"},{"status":"pass","label":"README/SKILL.md completeness","detail":"Metadata includes enough usage and workflow context"},{"status":"warn","label":"Dependency/runtime risk","detail":"command execution surface, external package install surface"},{"status":"pass","label":"Install availability","detail":"npx skills add semaphoreui/semaphore"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"warn","label":"Permission surface","detail":"shell or command execution, filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/semaphoreui/semaphore"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":["Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"],"evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"18d since push","license":"MIT","repository":"https://github.com/semaphoreui/semaphore","install":"npx skills add semaphoreui/semaphore","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add semaphoreui/semaphore","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","18d since push"]},"agentCompatibility":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"medium","label":"Review before production","notes":["Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["devops","terraform","infrastructure","ansible","awx","ci"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":["Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"safety":{"score":64,"level":"review_before_install","label":"Review before install","safety_tier":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","summary":"Usable candidate, but the agent should surface permission and audit notes before installation.","recommended_action":"Require human approval before installing into a real workspace.","auto_install_policy":"review","reasons":["High-risk permission hints: Shell or command execution","64/100 agent safety score"]},"auto_install_allowed":false,"human_review_required":true,"blocked":false,"audit_risk":"needs_review","permission_hints":[{"id":"shell","label":"Shell or command execution","reason":"Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.","severity":"high"},{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":["High-risk permission hints: Shell or command execution","Dependency or permission surface needs review"],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","badge":"REVIEWED","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace.","reasons":["High-risk permission hints: Shell or command execution","64/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"GitHub automation","description":"I need my agent to triage GitHub issues, review pull requests, and summarize repository changes.","useCases":[{"slug":"browser-automation","title":"Browser automation"},{"slug":"github-automation","title":"GitHub automation"},{"slug":"coding-agents","title":"Coding agents"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add semaphoreui/semaphore","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":13764,"starsLabel":"14K","forks":1264,"license":"MIT","qualityScore":100,"trustScore":88,"auditScore":92},"maintenance":{"status":"fresh","label":"18d since push","daysSincePush":18,"lastPushedAt":"2026-06-15T16:04:39+00:00"},"risk":{"level":"needs_review","label":"Needs review","requiresReview":true,"notes":["Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"coverageTags":["Coding","GitHub automation","devops","terraform","infrastructure","ansible","awx","ci"]},"audit":{"audit_score":92,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Browser automation","role":"Primary pick","primary_fit":"Browser automation","best_for":["Browser automation workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Browser automation task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"semaphoreui-semaphore","name":"Semaphore","description":"Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","category":"devops","url":"https://www.openagentskill.com/skills/semaphoreui-semaphore","repository":"https://github.com/semaphoreui/semaphore","github_repo":"semaphoreui/semaphore"},"suited_tasks":["Browser automation workflows","Claude Code teams","teams that value GitHub adoption signals","Navigate pages","Click and type safely","Check visual and DOM state","Inspect repository metadata","Compare code changes"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add semaphoreui/semaphore","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add semaphoreui/semaphore"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Semaphore\" agent skill from https://github.com/semaphoreui/semaphore. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Semaphore\" as a Claude Code skill from https://github.com/semaphoreui/semaphore. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Semaphore\" from https://github.com/semaphoreui/semaphore into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."}],"handoff_url":"https://www.openagentskill.com/api/skills/semaphoreui-semaphore/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/semaphoreui-semaphore"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"18d since push","license":"MIT","repository":"https://github.com/semaphoreui/semaphore","install":"npx skills add semaphoreui/semaphore","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","ansible","awx","ci"],"known_risks":["Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"18d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface"],"agent_contract":{"task_input":"Use Semaphore in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 92/100 Needs review","Safety: 64/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"semaphoreui-semaphore (Semaphore)","install_command":"npx skills add semaphoreui/semaphore","risk_summary":"Needs review; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"semaphoreui-semaphore","task":"Use Semaphore in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/semaphoreui-semaphore","api":"https://www.openagentskill.com/api/agent/skills/semaphoreui-semaphore","audit":"https://www.openagentskill.com/skills/semaphoreui-semaphore/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=semaphoreui-semaphore&task=Use%20Semaphore%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Semaphore%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Semaphore%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/semaphoreui-semaphore/install","manifest":"https://www.openagentskill.com/api/registry/manifest/semaphoreui-semaphore"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"semaphoreui-semaphore","name":"Semaphore","description":"Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","category":"devops","url":"https://www.openagentskill.com/skills/semaphoreui-semaphore","repository":"https://github.com/semaphoreui/semaphore","github_repo":"semaphoreui/semaphore"},"suited_tasks":["Browser automation workflows","Claude Code teams","teams that value GitHub adoption signals","Navigate pages","Click and type safely","Check visual and DOM state","Inspect repository metadata","Compare code changes"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add semaphoreui/semaphore","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add semaphoreui/semaphore"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Semaphore\" agent skill from https://github.com/semaphoreui/semaphore. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Semaphore\" as a Claude Code skill from https://github.com/semaphoreui/semaphore. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Semaphore\" from https://github.com/semaphoreui/semaphore into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools."}],"handoff_url":"https://www.openagentskill.com/api/skills/semaphoreui-semaphore/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/semaphoreui-semaphore"},"trust":{"score":88,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"18d since push","license":"MIT","repository":"https://github.com/semaphoreui/semaphore","install":"npx skills add semaphoreui/semaphore","installSafety":"standard package or runtime install path","permissionSurface":"shell or command execution, filesystem or document access","documentation":"Strong README/SKILL.md context","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","ansible","awx","ci"],"known_risks":["Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":92,"risk_level":"needs_review","risk_label":"Needs review","warnings":["Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface","Permission surface: shell or command execution, filesystem or document access"]},"safety_gate":{"tier":"reviewed","label":"Reviewed with permission notes","auto_install_policy":"review","auto_install_allowed":false,"human_review_required":true,"blocked":false,"recommended_action":"Require human approval before installing into a real workspace."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"GitHub automation","maintenance":"18d since push","risk":"Needs review"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","High-risk permission hints: Shell or command execution","Dependency or permission surface needs review","Permission surface may require sandboxing","Permission surface needs review: shell or command execution, filesystem or document access","Dependency/runtime risk: command execution surface, external package install surface"],"agent_contract":{"task_input":"Use Semaphore in an agent workflow","recommended_action":"Require human approval before installing into a real workspace.","install_policy":"review","minimum_review_before_use":["Trust: 88/100 Production candidate","Audit: 92/100 Needs review","Safety: 64/100 Review before install","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"semaphoreui-semaphore (Semaphore)","install_command":"npx skills add semaphoreui/semaphore","risk_summary":"Needs review; Reviewed with permission notes; Review before production","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"semaphoreui-semaphore","task":"Use Semaphore in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/semaphoreui-semaphore","api":"https://www.openagentskill.com/api/agent/skills/semaphoreui-semaphore","audit":"https://www.openagentskill.com/skills/semaphoreui-semaphore/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=semaphoreui-semaphore&task=Use%20Semaphore%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Semaphore%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Semaphore%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/semaphoreui-semaphore/install","manifest":"https://www.openagentskill.com/api/registry/manifest/semaphoreui-semaphore"}},"platforms":["Go","Terraform","Claude Code"],"use_cases":[{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"github-automation","title":"GitHub automation","url":"https://www.openagentskill.com/use-cases/github-automation"},{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"}],"install":"npx skills add semaphoreui/semaphore","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add semaphoreui/semaphore","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Semaphore\" agent skill from https://github.com/semaphoreui/semaphore. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Semaphore\" as a Claude Code skill from https://github.com/semaphoreui/semaphore. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Semaphore\" from https://github.com/semaphoreui/semaphore into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Modern UI and powerful API for Ansible, Terraform/OpenTofu/Terragrunt, PowerShell and other DevOps tools.","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/semaphoreui/semaphore","github_repo":"semaphoreui/semaphore","version":"1.0.0","license":"MIT","updated_at":"2026-06-16T10:02:00.811575+00:00","canonical_key":"semaphoreui/semaphore","recommendation_reasons":["Matches task terms: terraform, security","Strong GitHub adoption: 13,764 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/semaphoreui-semaphore","api":"https://www.openagentskill.com/api/agent/skills/semaphoreui-semaphore","install_api":"https://www.openagentskill.com/api/skills/semaphoreui-semaphore/install","audit":"https://www.openagentskill.com/skills/semaphoreui-semaphore/audit","repository":"https://github.com/semaphoreui/semaphore"}},{"rank":10,"match_score":21,"raw_match_score":194.7,"slug":"coder-coder","name":"Coder","description":"Secure environments for developers and their agents","tagline":"Secure environments for developers and their agents","category":"devops","tags":["terraform","infrastructure","devops","agents","dev-tools","development-environment","go","golang","ide","jetbrains"],"author":{"name":"coder","verified":true,"url":"https://github.com/coder"},"attribution":{"status":"community_indexed","statusLabel":"Community indexed","shortLabel":"COMMUNITY INDEXED","sourceLabel":"GitHub star discovery","sourceDetail":"coder/coder","creatorName":"coder","creatorUrl":"https://github.com/coder","sourceUrl":"https://github.com/coder/coder","indexedBy":"OpenAgentSkill community index","claimUrl":"https://www.openagentskill.com/skills/coder-coder#claim-this-skill","claimCta":"Claim this skill","trustNote":"This listing was indexed from public sources and is not marked official until a maintainer claim is approved.","publicNote":"Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals."},"stats":{"stars":13509,"forks":1336,"downloads":0,"rating":0,"review_count":0,"quality_score":72.11},"quality":{"score":100,"tier":"excellent","label":"Excellent","summary":"High-confidence pick with strong adoption and healthy maintenance signals.","signals":[{"label":"GitHub stars","value":"14K","tone":"positive"},{"label":"Freshness","value":"17d ago","tone":"positive"},{"label":"Install ready","value":"Yes","tone":"positive"},{"label":"License","value":"AGPL-3.0","tone":"neutral"}],"warnings":[]},"trust":{"version":"trust-score-v4","score":92,"tier":"production","label":"Production candidate","summary":"Strong OpenAgentSkill Trust Score across adoption, recent maintenance, license clarity, documentation, dependency/runtime risk, install safety, permission surface, and install availability.","recommendedAction":"Shortlist for production use, then run a normal repository and dependency review.","dimensions":[{"id":"github_adoption","label":"GitHub adoption","score":100,"weight":0.13,"status":"pass","detail":"14K GitHub stars"},{"id":"repo_activity","label":"Stars/forks activity","score":97,"weight":0.08,"status":"pass","detail":"14K stars, 1.3K forks; issue activity unavailable in current metadata"},{"id":"maintenance","label":"Recent maintenance","score":100,"weight":0.14,"status":"pass","detail":"17d since push"},{"id":"license","label":"License clarity","score":86,"weight":0.09,"status":"pass","detail":"AGPL-3.0"},{"id":"documentation","label":"README/SKILL.md completeness","score":74,"weight":0.14,"status":"info","detail":"Public metadata needs stronger README/SKILL.md context"},{"id":"dependency_risk","label":"Dependency/runtime risk","score":90,"weight":0.12,"status":"pass","detail":"no major dependency risk hints in public metadata"},{"id":"installability","label":"Install availability","score":92,"weight":0.1,"status":"pass","detail":"npx skills add coder/coder"},{"id":"install_safety","label":"Install command safety","score":92,"weight":0.1,"status":"pass","detail":"standard package or runtime install path"},{"id":"permission_surface","label":"Permission surface","score":86,"weight":0.07,"status":"pass","detail":"filesystem or document access"},{"id":"repository","label":"Repository evidence","score":86,"weight":0.04,"status":"pass","detail":"https://github.com/coder/coder"},{"id":"review_status","label":"Review status","score":88,"weight":0.05,"status":"pass","detail":"AI review data available"},{"id":"agent_outcomes","label":"Agent Proven outcomes","score":54,"weight":0.13,"status":"info","detail":"No agent outcome data yet"}],"checks":[{"status":"pass","label":"GitHub adoption","detail":"14K GitHub stars"},{"status":"pass","label":"Stars/forks activity","detail":"14K stars, 1.3K forks; issue activity unavailable in current metadata"},{"status":"pass","label":"Recent maintenance","detail":"17d since push"},{"status":"pass","label":"License clarity","detail":"AGPL-3.0"},{"status":"info","label":"README/SKILL.md completeness","detail":"Public metadata needs stronger README/SKILL.md context"},{"status":"pass","label":"Dependency/runtime risk","detail":"no major dependency risk hints in public metadata"},{"status":"pass","label":"Install availability","detail":"npx skills add coder/coder"},{"status":"pass","label":"Install command safety","detail":"standard package or runtime install path"},{"status":"pass","label":"Permission surface","detail":"filesystem or document access"},{"status":"pass","label":"Repository evidence","detail":"https://github.com/coder/coder"},{"status":"pass","label":"Review status","detail":"AI review data available"},{"status":"info","label":"Agent Proven outcomes","detail":"No agent outcome data yet"},{"status":"pass","label":"Ownership","detail":"Listing manually verified"},{"status":"info","label":"OpenAgentSkill usage","detail":"No local usage activity yet"},{"status":"info","label":"Agent outcomes","detail":"No agent outcome data yet"}],"strengths":["Manually verified listing","AI review approved","Install path is available","Repository evidence is available","Recently maintained repository","Large GitHub adoption signal","Install command has no obvious high-risk pattern"],"warnings":[],"evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"17d since push","license":"AGPL-3.0","repository":"https://github.com/coder/coder","install":"npx skills add coder/coder","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"installReadiness":{"ready":true,"command":"npx skills add coder/coder","policy":"agent_install_candidate","label":"Agent install candidate","notes":["Install path is available","Repository evidence is available","License is declared","No Agent Proven outcome evidence yet","17d since push"]},"agentCompatibility":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI"],"riskSummary":{"level":"low","label":"Low metadata risk","notes":["No major trust warnings detected from available metadata"]},"outcomeEvidence":{"total":0,"successes":0,"failures":0,"notRelevant":0,"successRate":null,"installAttempts":0,"riskBlocked":0,"setupRequired":0,"installSuccessRate":null,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"recentSuccessRate":null,"recentFailureRate":null,"uniqueAgents":0,"agentProvenScore":0,"agentProvenLabel":"Needs first agent run","lastOutcomeAt":null,"label":"No agent outcome data yet"},"autoInstall":{"allowed":true,"sandboxRequired":true,"policy":"agent_install_candidate","reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"bestFor":["devops","terraform","infrastructure","agents","dev-tools","development-environment"],"doNotUseFor":["Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"knownRisks":[]},"safety":{"score":87,"level":"safe_to_install","label":"Safe to install with normal review","safety_tier":{"tier":"verified","label":"Verified","badge":"VERIFIED","summary":"Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","auto_install_policy":"allow","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"auto_install_allowed":true,"human_review_required":false,"blocked":false,"audit_risk":"safe_to_try","permission_hints":[{"id":"network","label":"Network access","reason":"Skill likely fetches remote pages, APIs, repositories, or external services.","severity":"medium"},{"id":"filesystem","label":"Filesystem access","reason":"Skill may read or write project files, documents, generated artifacts, or local workspace state.","severity":"medium"}],"policy_warnings":[],"constraints_applied":{"max_risk":"medium","needs_install_command":true,"min_stars":0}},"safety_gate":{"tier":"verified","label":"Verified","badge":"VERIFIED","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","reasons":["Verified listing","Safe-to-try audit","87/100 agent safety score"]},"supply_profile":{"track":{"slug":"coding","label":"Coding and developer agents","shortLabel":"Coding","description":"Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills."},"scenario":{"label":"Coding agents","description":"I need a coding agent that can understand a repository, edit code, and review pull requests.","useCases":[{"slug":"coding-agents","title":"Coding agents"},{"slug":"rag-knowledge","title":"RAG and knowledge"},{"slug":"browser-automation","title":"Browser automation"}]},"applicableAgents":["Claude Code","CLI","Codex","Cursor","Go"],"install":{"ready":true,"command":"npx skills add coder/coder","primaryTarget":"CLI","targetCount":4},"githubQuality":{"stars":13509,"starsLabel":"14K","forks":1336,"license":"AGPL-3.0","qualityScore":100,"trustScore":92,"auditScore":95},"maintenance":{"status":"fresh","label":"17d since push","daysSincePush":17,"lastPushedAt":"2026-06-16T09:58:36+00:00"},"risk":{"level":"safe_to_try","label":"Safe to try","requiresReview":false,"notes":["No major risk signals from available metadata"]},"coverageTags":["Coding","Coding agents","devops","terraform","infrastructure","agents","dev-tools","development-environment"]},"audit":{"audit_score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"decision":{"readiness_score":100,"readiness_label":"Production-ready","headline":"Primary pick for Coding agents","role":"Primary pick","primary_fit":"Coding agents","best_for":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals"],"risks":["No OpenAgentSkill engagement data yet"],"next_steps":["Install it in a sandbox agent and run one Coding agents task end to end.","Compare output quality, latency, and failure behavior against at least one alternative.","Promote it into production only after reviewing repository permissions, license, and maintenance signals."]},"agent_readable_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"coder-coder","name":"Coder","description":"Secure environments for developers and their agents","category":"devops","url":"https://www.openagentskill.com/skills/coder-coder","repository":"https://github.com/coder/coder","github_repo":"coder/coder"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add coder/coder","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add coder/coder"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Coder\" agent skill from https://github.com/coder/coder. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Secure environments for developers and their agents"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Coder\" as a Claude Code skill from https://github.com/coder/coder. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Secure environments for developers and their agents"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Coder\" from https://github.com/coder/coder into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Secure environments for developers and their agents"}],"handoff_url":"https://www.openagentskill.com/api/skills/coder-coder/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/coder-coder"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"17d since push","license":"AGPL-3.0","repository":"https://github.com/coder/coder","install":"npx skills add coder/coder","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","agents","dev-tools","development-environment"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Coder in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"coder-coder (Coder)","install_command":"npx skills add coder/coder","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"coder-coder","task":"Use Coder in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/coder-coder","api":"https://www.openagentskill.com/api/agent/skills/coder-coder","audit":"https://www.openagentskill.com/skills/coder-coder/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=coder-coder&task=Use%20Coder%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Coder%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Coder%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/coder-coder/install","manifest":"https://www.openagentskill.com/api/registry/manifest/coder-coder"}},"machine_metadata":{"version":"openagentskill-agent-metadata-v2","skill":{"slug":"coder-coder","name":"Coder","description":"Secure environments for developers and their agents","category":"devops","url":"https://www.openagentskill.com/skills/coder-coder","repository":"https://github.com/coder/coder","github_repo":"coder/coder"},"suited_tasks":["Coding agents workflows","Claude Code teams","teams that value GitHub adoption signals","Inspect source files","Explain architecture","Patch bugs and verify changes","Chunk documents","Create embeddings"],"suited_agents":["Go","Terraform","Codex","Claude Code","Cursor","OpenAgentSkill CLI","CLI"],"install":{"command":"npx skills add coder/coder","ready":true,"targets":[{"id":"openagentskill-cli","label":"CLI","kind":"command","value":"npx skills add coder/coder"},{"id":"codex","label":"Codex","kind":"agent-prompt","value":"Install the \"Coder\" agent skill from https://github.com/coder/coder. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Secure environments for developers and their agents"},{"id":"claude-code","label":"Claude Code","kind":"agent-prompt","value":"Add \"Coder\" as a Claude Code skill from https://github.com/coder/coder. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Secure environments for developers and their agents"},{"id":"cursor","label":"Cursor","kind":"agent-prompt","value":"Turn \"Coder\" from https://github.com/coder/coder into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Secure environments for developers and their agents"}],"handoff_url":"https://www.openagentskill.com/api/skills/coder-coder/install","manifest_url":"https://www.openagentskill.com/api/registry/manifest/coder-coder"},"trust":{"score":92,"label":"Production candidate","version":"trust-score-v4","install_policy":"agent_install_candidate","evidence":{"stars":"14K GitHub stars","repoActivity":"14K stars, 1.3K forks","lastPushed":"17d since push","license":"AGPL-3.0","repository":"https://github.com/coder/coder","install":"npx skills add coder/coder","installSafety":"standard package or runtime install path","permissionSurface":"filesystem or document access","documentation":"Usable metadata, review docs","agentOutcomes":"No agent outcome data yet"},"outcome_evidence":{"total":0,"successes":0,"failures":0,"not_relevant":0,"success_rate":null,"recent_success_rate":null,"recent_failure_rate":null,"install_attempts":0,"install_success_rate":null,"risk_blocked":0,"setup_required":0,"avg_output_quality":null,"production_outcomes":0,"last_outcome_at":null,"label":"No agent outcome data yet"},"auto_install":{"allowed":true,"sandbox_required":true,"reason":"Trust Score v4 allows sandbox-first agent installation after normal workspace review."},"best_for":["devops","terraform","infrastructure","agents","dev-tools","development-environment"],"known_risks":[]},"agent_proven":{"version":"agent-proven-v1","score":0,"tier":"unproven","label":"Needs first agent run","summary":"No agent outcome reports yet. Use Resolve, run one narrow sandbox task, then report the result.","metrics":{"totalOutcomes":0,"successfulOutcomes":0,"failedOutcomes":0,"installAttempts":0,"installSuccessRate":null,"successRate":null,"recentSuccessRate":null,"recentFailureRate":null,"riskBlocked":0,"setupRequired":0,"notRelevant":0,"avgOutputQuality":null,"avgTimeToUsefulMs":null,"productionOutcomes":0,"humanReviewRequired":0,"uniqueAgents":0,"lastOutcomeAt":null},"signals":[],"penalties":["No real agent outcome evidence yet"]},"audit":{"score":95,"risk_level":"safe_to_try","risk_label":"Safe to try","warnings":[]},"safety_gate":{"tier":"verified","label":"Verified","auto_install_policy":"allow","auto_install_allowed":true,"human_review_required":false,"blocked":false,"recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task."},"quality":{"score":100,"label":"Excellent"},"supply":{"track":"Coding and developer agents","scenario":"Coding agents","maintenance":"17d since push","risk":"Safe to try"},"alternative_skills":[],"do_not_use_when":["teams that need a vendor-supported SLA","high-compliance environments without internal security review","No OpenAgentSkill engagement data yet","No major trust warnings detected from available metadata","Production credentials, payments, or irreversible account changes without explicit human review","Sensitive private data before reviewing repository code, license, and permission surface"],"agent_contract":{"task_input":"Use Coder in an agent workflow","recommended_action":"Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.","install_policy":"allow","minimum_review_before_use":["Trust: 92/100 Production candidate","Audit: 95/100 Safe to try","Safety: 87/100 Safe to install with normal review","Review repository, license, install command, and permission surface before production use."],"expected_agent_output":{"selected_skill":"coder-coder (Coder)","install_command":"npx skills add coder/coder","risk_summary":"Safe to try; Verified; Low metadata risk","verification_result":"Report the smallest successful task, files touched, warnings, and any missing setup."}},"outcome_feedback":{"endpoint":"https://www.openagentskill.com/api/agent/outcome","method":"POST","requires_resolve_event_id":true,"event_id_source":"Use install_receipt.outcome_feedback.event_id or feedback.event_id returned by /api/agent/resolve for the current task.","expected_outcomes":["success","failed","not_relevant","blocked_by_risk","setup_required"],"payload_template":{"event_id":"<install_receipt.outcome_feedback.event_id or feedback.event_id from /api/agent/resolve>","skill_slug":"coder-coder","task":"Use Coder in an agent workflow","agent":"codex","outcome":"success","install_used":true,"risk_blocked":false,"setup_required":false,"task_success":true,"output_quality":4,"error_type":null,"human_review_required":false,"workspace":"sandbox","time_to_useful_ms":120000,"notes":"Report the smallest successful task, setup friction, files touched, and risk notes."}},"endpoints":{"web":"https://www.openagentskill.com/skills/coder-coder","api":"https://www.openagentskill.com/api/agent/skills/coder-coder","audit":"https://www.openagentskill.com/skills/coder-coder/audit","eval":"https://www.openagentskill.com/api/agent/evals?slug=coder-coder&task=Use%20Coder%20in%20an%20agent%20workflow&max_risk=medium","resolve":"https://www.openagentskill.com/api/agent/resolve?task=Use%20Coder%20in%20an%20agent%20workflow&agent=codex&max_risk=medium","receipt":"https://www.openagentskill.com/api/agent/receipt?task=Use%20Coder%20in%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text","install":"https://www.openagentskill.com/api/skills/coder-coder/install","manifest":"https://www.openagentskill.com/api/registry/manifest/coder-coder"}},"platforms":["Go","Terraform","Claude Code"],"use_cases":[{"slug":"coding-agents","title":"Coding agents","url":"https://www.openagentskill.com/use-cases/coding-agents"},{"slug":"rag-knowledge","title":"RAG and knowledge","url":"https://www.openagentskill.com/use-cases/rag-knowledge"},{"slug":"browser-automation","title":"Browser automation","url":"https://www.openagentskill.com/use-cases/browser-automation"},{"slug":"workflow-automation","title":"Workflow automation","url":"https://www.openagentskill.com/use-cases/workflow-automation"}],"install":"npx skills add coder/coder","install_targets":[{"id":"openagentskill-cli","label":"CLI","title":"OpenAgentSkill CLI","kind":"command","value":"npx skills add coder/coder","description":"Use the registry command when your workflow supports the OpenAgentSkill installer.","copyLabel":"Copy command"},{"id":"codex","label":"Codex","title":"Codex install prompt","kind":"agent-prompt","value":"Install the \"Coder\" agent skill from https://github.com/coder/coder. Read its SKILL.md or equivalent instructions first, install only the files needed for this workspace, and summarize any required setup before using it. Skill purpose: Secure environments for developers and their agents","description":"Give Codex a repo-aware install prompt when the skill is not available through a local CLI.","copyLabel":"Copy prompt"},{"id":"claude-code","label":"Claude Code","title":"Claude Code skill prompt","kind":"agent-prompt","value":"Add \"Coder\" as a Claude Code skill from https://github.com/coder/coder. Inspect the skill instructions, place the reusable skill files in the appropriate local skills location for this project, and report the activation steps. Skill purpose: Secure environments for developers and their agents","description":"Use this prompt to ask Claude Code to add the skill and explain the local activation steps.","copyLabel":"Copy prompt"},{"id":"cursor","label":"Cursor","title":"Cursor rule prompt","kind":"agent-prompt","value":"Turn \"Coder\" from https://github.com/coder/coder into a reusable Cursor project rule or agent instruction. Preserve the core workflow, adapt paths to this repo, and keep the rule scoped to tasks where it is relevant. Skill purpose: Secure environments for developers and their agents","description":"Use this when installing as Cursor project rules or reusable agent instructions.","copyLabel":"Copy prompt"}],"repository":"https://github.com/coder/coder","github_repo":"coder/coder","version":"1.0.0","license":"AGPL-3.0","updated_at":"2026-06-16T10:02:00.840751+00:00","canonical_key":"coder/coder","recommendation_reasons":["Matches task terms: terraform, security","Strong GitHub adoption: 13,509 stars","Quality score 72/100","Install handoff is available","Repository freshness signal is available"],"urls":{"web":"https://www.openagentskill.com/skills/coder-coder","api":"https://www.openagentskill.com/api/agent/skills/coder-coder","install_api":"https://www.openagentskill.com/api/skills/coder-coder/install","audit":"https://www.openagentskill.com/skills/coder-coder/audit","repository":"https://github.com/coder/coder"}}],"meta":{"endpoint":"/api/skills/search","canonical_agent_endpoint":"/api/agent/resolve","safety_policy":"Blocked candidates are excluded by default. Pass include_blocked=true only for manual audit workflows.","agent_friendly":true,"api_version":"1.0","generated_at":"2026-07-03T23:17:33.544Z"}}