Skill audit report
David Ondrej Skills audit report.
Official Agent Skills for coding agents, research, workflow orchestration, docs, ops, and skill authoring.
OpenAgentSkill Trust Score
Stars, maintenance, license, docs, install safety, permission surface, and installability.
The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.
GitHub adoption
INFO76
968 GitHub stars
Stars/forks activity
WARN60
968 stars, 0 forks; issue activity unavailable in current metadata
Recent maintenance
PASS100
1d since push
License clarity
PASS86
MIT
README/SKILL.md completeness
INFO66
Public metadata needs stronger README/SKILL.md context
Dependency/runtime risk
PASS90
no major dependency risk hints in public metadata
Install availability
PASS92
npx skills add davidondrej/skills
Install command safety
PASS92
standard package or runtime install path
Permission surface
PASS100
no high-risk permission surface in public metadata
Repository evidence
PASS86
https://github.com/davidondrej/skills
Review status
PASS90
AI review data available
Agent Proven outcomes
INFO54
No agent outcome data yet
Checks
Install and adoption review
Install path
92
npx skills add davidondrej/skills
Repository
88
https://github.com/davidondrej/skills
License
86
MIT
Maintenance
100
1d since push
AI review
88
Approved with no listed issues
README/SKILL.md completeness
84
Usable description available
Dependency risk
90
no major dependency risk hints in public metadata
Install command safety
92
standard package or runtime install path
Permission surface
100
no high-risk permission surface in public metadata
Stars/forks activity
60
968 stars, 0 forks; issue activity unavailable in current metadata
Adoption
88
968 GitHub stars
Warnings
- Documentation summary is thin
- Stars/forks activity: 968 stars, 0 forks; issue activity unavailable in current metadata
Method
This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.