OpenAgentSkill guide
Best security and compliance skills for AI agents
Explore skills for vulnerability checks, secret scanning, dependency review, policy validation, and security-aware automation.
When to use this guide
Start from the job, then shortlist the tools.
Scan dependencies
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Find exposed secrets
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Review security findings
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Prepare audit notes
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Shortlist
Top skills to evaluate
A marketplace for AI-assisted security analysis and auditing plugins.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
A comprehensive library of over 1,273 agentic skills for various AI coding assistants, featuring clear documentation and installation instructions.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Best fit: Solid option that is likely worth shortlisting for production workflows.
A lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, Telegram, Slack, Discord, Gmail and other messaging apps,, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
ScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
A powerful browser crawler for web vulnerability scanners
Best fit: Solid option that is likely worth shortlisting for production workflows.
Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, DeepSeek, and more. Simple declarative configs with command line and CI/CD integration. Used by OpenAI and Anthropic.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
Best fit: Solid option that is likely worth shortlisting for production workflows.
Fully autonomous AI Agents system capable of performing complex penetration testing tasks
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Find web directories without bruteforce
Best fit: Useful candidate, but compare it with alternatives before adopting.