OpenAgentSkill guide
Best security and compliance skills for AI agents
Explore skills for vulnerability checks, secret scanning, dependency review, policy validation, and security-aware automation.
When to use this guide
Start from the job, then shortlist the tools.
Scan dependencies
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Find exposed secrets
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Review security findings
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Prepare audit notes
Use quality and freshness signals to decide whether a skill belongs in this workflow.
Shortlist
Top skills to evaluate
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
A static analysis security vulnerability scanner for Ruby on Rails applications
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
A vulnerability scanner for container images and filesystems
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.
Unified Policy as Code
Best fit: High-confidence pick with strong adoption and healthy maintenance signals.