Skill comparison
Compare agent skills before installing.
Comparing 4 skills
Use this as a shortlist, then open the skill detail page before adopting.
Decision summary
Sleuthkit is the strongest overall pick here because it has a 100/100 readiness score and fits Workflow automation.
Strongest overall
Sleuthkit
Use this as a leading candidate, then validate the README and install path in your own agent stack.
Fastest prototype
Sleuthkit
Best first install candidate based on install readiness and adoption.
Freshest repo
Sleuthkit
Most recent maintenance signal among this shortlist.
| Signal | KQL Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint. | Sleuthkit The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. | Incident Response Docs PagerDuty's Incident Response Documentation. | CyberThreatHunting A collection of resources for Threat Hunters |
|---|---|---|---|---|
| Quality | 48/100 Needs review | 100/100 Excellent | 96/100 Excellent | 56/100 Promising |
| Decision verdict | 38/100 Needs manual review Do a manual repository review before adding this to an agent workflow. | 100/100 Production-ready Use this as a leading candidate, then validate the README and install path in your own agent stack. | 100/100 Production-ready Use this as a leading candidate, then validate the README and install path in your own agent stack. | 58/100 Prototype first Prototype with this skill first; keep a fallback candidate ready. |
| Adoption | 491 stars 0 installs | 3.1K stars 0 installs | 1.0K stars 0 installs | 915 stars 0 installs |
| Freshness | Nov 22, 2024 | Jun 12, 2026 | Apr 9, 2026 | Oct 15, 2024 |
| Use-case fit | ||||
| Stack fit | ||||
| Platform hints | Incident Response, Claude Code | C, Incident Response, Claude Code | Dockerfile, Incident Response, Claude Code | Python, Incident Response, Claude Code |
| Warnings | Repository looks stale · No OpenAgentSkill engagement data yet | No OpenAgentSkill engagement data yet | No OpenAgentSkill engagement data yet | Repository looks stale · No OpenAgentSkill engagement data yet |
| Best for | Workflow automation workflows · Claude Code teams · builders willing to evaluate younger projects | Workflow automation workflows · Claude Code teams · teams that value GitHub adoption signals | Workflow automation workflows · Claude Code teams · teams that value GitHub adoption signals | GitHub automation workflows · Claude Code teams · teams that value GitHub adoption signals |
| Not ideal for | teams that require actively maintained dependencies · production agents without a repository review | teams that need a vendor-supported SLA · high-compliance environments without internal security review | teams that need a vendor-supported SLA · high-compliance environments without internal security review | teams that require actively maintained dependencies · production agents without a repository review |
| OpenAgentSkill engagement | 0 views 0 install copies | 0 views 0 install copies | 0 views 0 install copies | 0 views 0 install copies |
| Install | $ npx skills add LearningKijo/KQL | $ npx skills add sleuthkit/sleuthkit | $ npx skills add PagerDuty/incident-response-docs | $ npx skills add A3sal0n/CyberThreatHunting |