Skill audit report

Shai Hulud 2.0 Detector audit report.

Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.

EXPERIMENTAL · REVIEWNeeds reviewGenerated Jul 3, 2026Heuristic metadata audit
84
Audit
78
Trust
79
Quality
83
Security
100
Maintain
92
Install

OpenAgentSkill Trust Score

78
Strong shortlist

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

62

140 GitHub stars

Stars/forks activity

WARN

57

140 stars, 35 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

100

12d since push

License clarity

PASS

86

MIT

README/SKILL.md completeness

PASS

90

Metadata includes enough usage and workflow context

Dependency/runtime risk

INFO

72

credential or environment access

Install availability

PASS

92

npx skills add gensecaihq/Shai-Hulud-2.0-Detector

Install command safety

PASS

92

standard package or runtime install path

Permission surface

WARN

60

secrets or environment access, filesystem or document access

Repository evidence

PASS

86

https://github.com/gensecaihq/Shai-Hulud-2.0-Detector

Review status

PASS

88

AI review data available

Agent Proven outcomes

INFO

54

No agent outcome data yet

Checks

Install and adoption review

7 passed · 8 review

Install path

92

PASS

npx skills add gensecaihq/Shai-Hulud-2.0-Detector

Repository

88

PASS

https://github.com/gensecaihq/Shai-Hulud-2.0-Detector

License

86

PASS

MIT

Maintenance

100

PASS

12d since push

AI review

88

PASS

Approved with no listed issues

README/SKILL.md completeness

90

PASS

Usable description available

Dependency risk

72

CHECK

credential or environment access

Install command safety

92

PASS

standard package or runtime install path

Permission surface

60

CHECK

secrets or environment access, filesystem or document access

Stars/forks activity

57

FIX

140 stars, 35 forks; issue activity unavailable in current metadata

Adoption

68

INFO

140 GitHub stars

Warnings

  • Permission surface may require sandboxing
  • Quality score needs review
  • Permission surface needs review: secrets or environment access, filesystem or document access
  • Stars/forks activity: 140 stars, 35 forks; issue activity unavailable in current metadata
  • Permission surface: secrets or environment access, filesystem or document access

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Compare nearby options

Related skills to audit next