Skill audit report

Appshark audit report.

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

REVIEWED · ALLOWSafe to tryGenerated Jun 17, 2026Heuristic metadata audit

Audit

Trust

Quality

Security

Maintain

Install

OpenAgentSkill Trust Score

Production candidate

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

PASS

1.7K GitHub stars

Stars/forks activity

INFO

1.7K stars, 180 forks; issue activity unavailable in current metadata

Recent maintenance

INFO

4mo since push

License clarity

PASS

Apache-2.0

README/SKILL.md completeness

PASS

Metadata includes enough usage and workflow context

Dependency/runtime risk

PASS

no major dependency risk hints in public metadata

Install availability

PASS

npx skills add bytedance/appshark

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Repository evidence

PASS

https://github.com/bytedance/appshark

Review status

PASS

AI review data available

Checks

Install and adoption review

9 passed · 2 review

Install path

PASS

npx skills add bytedance/appshark

Repository

PASS

https://github.com/bytedance/appshark

License

PASS

Apache-2.0

Maintenance

CHECK

4mo since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

PASS

no major dependency risk hints in public metadata

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Stars/forks activity

CHECK

1.7K stars, 180 forks; issue activity unavailable in current metadata

Adoption

PASS

1.7K GitHub stars

Warnings

No major warnings detected from available metadata.

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add bytedance/appshark

Signals

Audit score: 89/100
Quality: 94/100
Trust: 91/100
Install safety: 92/100
Permission surface: 86/100
Maintenance: 4mo since push
Events: 3 events
GitHub stars: 1.7K
Last push: Mar 4, 2026

Agent safety v2

81/100 · Safe to install with normal review

Reviewedallow

Good audit and safety signals with no high-risk permission hints in public metadata.

Review the audit page, then allow agent install in a sandboxed workflow.

Safe-to-try audit
81/100 agent safety score

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Filesystem access

medium

Skill may read or write project files, documents, generated artifacts, or local workspace state.

Back to skill Alternatives Audit badge SVG

Compare nearby options

Related skills to audit next

Gemini CLI

Bring a coding agent directly into the terminal

105K stars · Audit report

System Prompts And Models Of AI Tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI, VSCode Agent, Warp.dev, Windsurf, Xcode, Z.ai Code, Dia & v0. (And other Open Sourced) System Prompts, Internal Tools & AI Models

139K stars · Audit report

Caveman

🪨 why use many token when few token do trick — Claude Code skill that cuts 65% of tokens by talking like caveman

72K stars · Audit report