OpenAgentSkill guide

Best security and compliance skills for AI agents

Explore skills for vulnerability checks, secret scanning, dependency review, policy validation, and security-aware automation.

When to use this guide

Start from the job, then shortlist the tools.

Scan dependencies

Use quality and freshness signals to decide whether a skill belongs in this workflow.

Find exposed secrets

Use quality and freshness signals to decide whether a skill belongs in this workflow.

Review security findings

Use quality and freshness signals to decide whether a skill belongs in this workflow.

Prepare audit notes

Use quality and freshness signals to decide whether a skill belongs in this workflow.

Shortlist

Top skills to evaluate

Compare top 4
#1LynisExcellent · 10016K stars

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#2VulsExcellent · 10012K stars

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#3Osv ScannerExcellent · 10011K stars

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#4BrakemanExcellent · 1007.2K stars

A static analysis security vulnerability scanner for Ruby on Rails applications

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#5NucleiExcellent · 10029K stars

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#6GrypeExcellent · 10013K stars

A vulnerability scanner for container images and filesystems

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#7OpaExcellent · 10012K stars

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#8KubescapeExcellent · 10011K stars

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#9ImmudbExcellent · 1009.0K stars

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.

#10KyvernoExcellent · 1007.8K stars

Unified Policy as Code

Best fit: High-confidence pick with strong adoption and healthy maintenance signals.