Drogonsec
High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!
Supply asset profile
Coding and developer agents
Code review, repo analysis, testing, CI, GitHub, DevOps, and developer workflow skills.
Scenario
Coding agents
I need a coding agent that can understand a repository, edit code, and review pull requests.
Agent fit
Claude Code + CLI + Codex
Codex, Claude Code, Cursor, CLI, or custom agents.
Install
Ready
npx skills add filipi86/drogonsec
Maintenance
fresh
10d since push
Risk
Needs review
License is unclear
GitHub quality
146
74/100 quality · 75/100 trust
Coverage tags
Review notes
License is unclear · Permission surface may require sandboxing
Agent adoption scorecard
Trust, audit, and install readiness at a glance
These scores combine public repository metadata, OpenAgentSkill review signals, maintenance freshness, and install readiness. They are a shortlist signal, not a replacement for human review.
Quality
StrongSolid option that is likely worth shortlisting for production workflows.
Trust
Sandbox onlyUseful candidate with missing or mixed trust signals. Keep it in an isolated workspace until the outcome loop proves task fit.
Audit
Needs reviewInstall readiness, security metadata, maintenance, and adoption risk.
Trust Score v5
Human review before install
Run only in a sandbox and compare close alternatives before using it for real work.
Stars
146 GitHub stars
Repo activity
146 stars, 40 forks
Maintenance
10d since push
License
Unknown
Install
npx skills add filipi86/drogonsec
Install safety
standard package or runtime install path
Permission surface
secrets or environment access, filesystem or document access
Agent outcomes
No agent outcome data yet
Docs
Strong README/SKILL.md context
Risk summary
Review before production
- License is unclear
- Quality score needs review
- Permission surface needs review: secrets or environment access, filesystem or document access
- Stars/forks activity: 146 stars, 40 forks; issue activity unavailable in current metadata
Install readiness
Install path available
- Install path is available
- Repository evidence is available
- License is unclear
- No Agent Proven outcome evidence yet
Agent-readable metadata
Machine-readable decision data for this skill.
Use this block or the embedded JSON to decide whether an agent should install this skill, choose an alternative, or ask for human review first.
Suited tasks
- Security and compliance workflows
- Claude Code teams
- builders willing to evaluate younger projects
- Inspect risky files
Suited agents
Install decision
- Command
- npx skills add filipi86/drogonsec
- Policy
- review
- Human review
- yes
Trust and risk
- Trust
- 67/100
- Audit
- 80/100
- Risk level
- Needs review
Outcome loop
- Endpoint
- /api/agent/outcome
- Event ID
- resolve
- Outcomes
- 5
Do not use when
- teams that need a vendor-supported SLA
- high-compliance environments without internal security review
- No OpenAgentSkill engagement data yet
- High-risk permission hints: Secrets or environment access
- License is unclear
Agent safety v2
52/100 · Avoid automatic install
Sparse or mixed signals. Useful for discovery, but not for autonomous installation.
Test manually in an isolated workspace and compare against safer alternatives.
medium
Network access
Skill likely fetches remote pages, APIs, repositories, or external services.
medium
Filesystem access
Skill may read or write project files, documents, generated artifacts, or local workspace state.
high
Secrets or environment access
Skill metadata references credentials, tokens, environment variables, or secret-bearing workflows.
- High-risk permission hints: Secrets or environment access
- License is unclear
Install targets
Install this skill in your agent workflow
Copy the registry command or an agent-specific install prompt for Codex, Claude Code, and Cursor.
OpenAgentSkill CLI
Use the registry command when your workflow supports the OpenAgentSkill installer.
$ npx skills add filipi86/drogonsecAgent resolve plan
Let an agent verify fit before installing.
The Resolve API returns the selected skill, alternatives, safety policy, audit notes, install target, and copy-paste prompt an agent can follow without scraping this page.
Resolve JSON
/api/agent/resolve?task=Use%20Drogonsec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium
Resolve text
/api/agent/resolve?task=Use%20Drogonsec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text
Install handoff
/api/skills/filipi86-drogonsec/install
Agent should check
- Task fit and alternatives from Resolve API.
- Audit score, trust score, and safety policy warnings.
- Install target compatibility for Codex, Claude Code, Cursor, or CLI.
Copy prompt
Task: Use Drogonsec in this workspace.
Resolve first: https://www.openagentskill.com/api/agent/resolve?task=Use%20Drogonsec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium
Review install handoff: https://www.openagentskill.com/api/skills/filipi86-drogonsec/install
Install command: npx skills add filipi86/drogonsec
Before running it, summarize audit warnings, required permissions, and the fallback skill if install is risky.Agent handoff
Give an agent the install path, not another directory page.
Use the public install endpoint to fetch the command, safety checklist, target prompts, and canonical links for this skill.
Install handoff
/api/skills/filipi86-drogonsec/install
LLM text format
/api/skills/filipi86-drogonsec/install?format=text
Find alternatives
/api/skills/search?q=Drogonsec&limit=3
Agent prompt
Use Drogonsec for this task. Review https://www.openagentskill.com/api/skills/filipi86-drogonsec/install, then install with: npx skills add filipi86/drogonsecRegistry metadata
Agent-readable profile for automatic skill selection.
This page exposes the same decision, trust, audit, use-case, and install signals through the Registry API, so agents can rank this skill without scraping the UI.
Manifest
/api/registry/manifest/filipi86-drogonsec
LLM text
/api/registry/manifest/filipi86-drogonsec?format=text
Install alias
/api/registry/install/filipi86-drogonsec
Recommend
/api/registry/recommend?task=Use%20Drogonsec%20in%20an%20agent%20workflow&limit=3
Agent fit
Security and compliance
Platforms
Go, Security, Claude Code
Audit report
Needs review · 80/100
Review install readiness, maintenance, trust, quality, and metadata warnings before adding this skill to an agent workflow.
Agent decision cockpit
Companion skill for Security and compliance
Shortlist this skill and compare it with close alternatives before production adoption.
Role in stack
Companion skill
Primary fit
Security and compliance
Trust label
Strong shortlist
Install path
Command ready
Use when
- Security and compliance workflows
- Claude Code teams
- builders willing to evaluate younger projects
Evidence
- recent repository activity
- install command or GitHub repo available
- 74/100 quality profile
Review first
- No OpenAgentSkill engagement data yet
Implementation path
- 1Install it in a sandbox agent and run one Security and compliance task end to end.
- 2Compare output quality, latency, and failure behavior against at least one alternative.
- 3Promote it into production only after reviewing repository permissions, license, and maintenance signals.
Trust profile
Sandbox only
Useful candidate with missing or mixed trust signals. Keep it in an isolated workspace until the outcome loop proves task fit.
GitHub adoption
INFO146 GitHub stars
Stars/forks activity
CHECK146 stars, 40 forks; issue activity unavailable in current metadata
Recent maintenance
PASS10d since push
License clarity
CHECKUnknown
Good signals
- AI review approved
- Install path is available
- Repository evidence is available
- Recently maintained repository
- Install command has no obvious high-risk pattern
- Outcome loop is ready but needs first real agent run
Review before install
- License is unclear
- Quality score needs review
- Permission surface needs review: secrets or environment access, filesystem or document access
- Stars/forks activity: 146 stars, 40 forks; issue activity unavailable in current metadata
- License clarity: Unknown
- Permission surface: secrets or environment access, filesystem or document access
- No real agent outcome reports yet
- Human review required before unattended installation
Recommended action
Run only in a sandbox and compare close alternatives before using it for real work.
Quality profile
Strong candidate for agent workflows
Solid option that is likely worth shortlisting for production workflows.
Workflow fit
Use this skill in these scenarios
Reduce risk
Security and compliance
I need my agent to scan a project for security risks and summarize what needs attention.
Build and ship code
Coding agents
I need a coding agent that can understand a repository, edit code, and review pull requests.
Operate web apps
Browser automation
I need my agent to control a browser, fill forms, and verify web app workflows.
Stack fit
Add it to a complete workflow
Inspect, patch, and verify code
Coding review agent
A stack for software agents that inspect repositories, review pull requests, generate tests, and turn findings into shippable patches.
Operate and verify web apps
Browser QA agent
A stack for agents that navigate products, fill forms, take screenshots, and verify real user flows across web applications.
Turn skills into distribution
Content growth agent
A stack for turning newly indexed skills into SEO briefs, social drafts, comparison pages, and reusable publishing workflows.
Alternative shortlist
Compare before you install
Similar skills in this category, ranked with the same readiness and quality signals.
Maigret
🕵️♂️ Collect a dossier on a person by username from 3000+ sites
Nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Overview
High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!
Imported by the skill-only GitHub discovery pipeline because it matches agent skill, automation, domain workflow, RAG, document-processing, data, finance, security, or developer-tool signals. Protocol-server projects are excluded from automated imports.
Platform Compatibility
Technical Details
- Version
- 1.0.0
- License
- Unknown
- Last Updated
- 6/30/2026
- Published
- 6/27/2026
Frameworks & Tools
Decision snapshot
Companion skill
recent repository activity
Audit snapshot
Install review
Install and adoption review
- Security
- 76/100
- Maintenance
- 100/100
- Install
- 92/100
Agent-proven evidence
Agent Proven evidence
Outcome reports after resolve, review, install, and one narrow run.
- Success rate
- —
- Recent failure
- —
- Outcomes
- 0
- Output quality
- —
- Failed
- 0
- Not relevant
- 0
- Installs
- 0
- Risk blocked
- 0
- Setup needed
- 0
- Production
- 0
No agent outcome data yet. The first agent run can report success, setup needs, risk blocks, failure, or not-relevant through /api/agent/outcome.
Install
Add to agent workflow
Free and open source. Review the audit before production use.
Growth loop
Share kit
Scenario-led draft for Drogonsec, ready for a manual X post.
Most coding agents don't fail from lack of model power. They fail when repo context disappears. Drogonsec gives coding agents a repeatable way to plan, patch, review, or ship. 146 stars https://www.openagentskill.com/skills/filipi86-drogonsec?ref=x #AIAgents
Optional reply with install command
Listing + install path for Drogonsec: https://www.openagentskill.com/skills/filipi86-drogonsec?ref=x Install: npx skills add filipi86/drogonsec
Listing source
Community indexed
This listing was indexed from public sources and is not marked official until a maintainer claim is approved.
- Creator
- filipi86
- Source
- filipi86/drogonsec
- Indexed by
- OpenAgentSkill community index
Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals.
Claim this skillOwner claim
Claim this skill listing
This community indexed listing is attributed to filipi86 but is not marked official yet. Claim it to add a verified owner signal and make future launch, install, and audit updates easier to trust.
README badge
Add this badge to your GitHub README to show the listing, trust score, and install handoff.
[](https://www.openagentskill.com/skills/filipi86-drogonsec)Author
filipi86
@filipi86
Tags
Platform Fit
Health Signals
- GitHub stars
- 146
- Quality score
- 49/100
- Last GitHub push
- Jun 23, 2026
- Framework hints
- 2
- OpenAgentSkill views
- 0
- Install copies
- 0
- Outbound clicks
- 0
Community Signal
Share whether this skill looks useful for your agent workflow. Aggregated feedback improves rankings over time.
Trust & Safety
Sandbox only
- GitHub adoption146 GitHub starsINFO
- Stars/forks activity146 stars, 40 forks; issue activity unavailable in current metadataCHECK
- Recent maintenance10d since pushPASS
- License clarityUnknownCHECK
- README/SKILL.md completenessMetadata includes enough usage and workflow contextPASS
- Dependency/runtime riskcredential or environment accessINFO
Related Skills
Maigret
🕵️♂️ Collect a dossier on a person by username from 3000+ sites
32.9K stars · 0 installsNuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
29.2K stars · 0 installsInfisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
27.4K stars · 0 installsWazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
15.9K stars · 0 installs