Skill comparison

Compare agent skills before installing.

Put high-signal skills side by side and inspect quality, adoption, freshness, install readiness, use-case fit, and warnings in one place.

Comparing 4 skills

Use this as a shortlist, then open the skill detail page before adopting.

Add more skills

Decision summary

Zaproxy is the strongest overall pick here because it has a 100/100 readiness score and fits Coding agents.

Strongest overall

Zaproxy

Use this as a leading candidate, then validate the README and install path in your own agent stack.

Fastest prototype

Zaproxy

Best first install candidate based on install readiness and adoption.

Freshest repo

Osv Scanner

Most recent maintenance signal among this shortlist.

SignalLog4j Detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Osv Scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Zaproxy

The ZAP by Checkmarx Core project

Quality
49/100
Needs review
100/100
Excellent
100/100
Excellent
100/100
Excellent
Decision verdict
51/100
Needs manual review

Do a manual repository review before adding this to an agent workflow.

100/100
Production-ready

Use this as a leading candidate, then validate the README and install path in your own agent stack.

100/100
Production-ready

Use this as a leading candidate, then validate the README and install path in your own agent stack.

100/100
Production-ready

Use this as a leading candidate, then validate the README and install path in your own agent stack.

Adoption640 stars
0 installs
12K stars
0 installs
11K stars
0 installs
15K stars
0 installs
FreshnessMar 10, 2022Jun 12, 2026Jun 20, 2026Jun 11, 2026
Use-case fit
Stack fit
Platform hintsJava, Security, Claude CodeGo, Security, Claude CodeGo, Security, Claude CodeJava, Security, Claude Code
WarningsRepository looks stale · No OpenAgentSkill engagement data yetNo OpenAgentSkill engagement data yetNo OpenAgentSkill engagement data yetNo OpenAgentSkill engagement data yet
Best forWorkflow automation workflows · Claude Code teams · teams that value GitHub adoption signalsSecurity and compliance workflows · Claude Code teams · teams that value GitHub adoption signalsSecurity and compliance workflows · Claude Code teams · teams that value GitHub adoption signalsCoding agents workflows · Claude Code teams · teams that value GitHub adoption signals
Not ideal forteams that require actively maintained dependencies · production agents without a repository reviewteams that need a vendor-supported SLA · high-compliance environments without internal security reviewteams that need a vendor-supported SLA · high-compliance environments without internal security reviewteams that need a vendor-supported SLA · high-compliance environments without internal security review
OpenAgentSkill engagement0 views
0 install copies
0 views
0 install copies
0 views
0 install copies
0 views
0 install copies
Install
$ npx skills add mergebase/log4j-detector
$ npx skills add future-architect/vuls
$ npx skills add google/osv-scanner
$ npx skills add zaproxy/zaproxy