Pre-install eval
SingleFileZ eval report.
A machine-readable install decision for agents: task fit, Trust Score, Audit Score, install safety, permission surface, and a concrete validation plan before this skill touches a workspace.
do not auto install
Permission surface: shell or command execution, filesystem or document access
Required gates
Checks an agent must pass before install
Task fit
84
Task wording matches this skill metadata.
- Evaluate SingleFileZ before installing it in an agent workflow
- browser-automation
- Web scraping workflows; Claude Code teams; teams that value GitHub adoption signals
Install path
92
Install handoff is available.
- npx skills add gildas-lormeau/SingleFileZ
Install command safety
92
standard package or runtime install path
- npx skills add gildas-lormeau/SingleFileZ
Trust score
83
Good trust signals with a few areas worth checking before rollout.
- Strong shortlist
- 1.9K GitHub stars
- AGPL-3.0
Audit score
88
Needs review
- Dependency or permission surface needs review
Agent safety gate
56
Sparse or mixed signals. Useful for discovery, but not for autonomous installation.
- Test manually in an isolated workspace and compare against safer alternatives.
- High-risk permission hints: Shell or command execution
License clarity
86
AGPL-3.0
- AGPL-3.0
Permission surface
48
shell or command execution, filesystem or document access
- Shell or command execution: high
- Browser automation: medium
- Network access: medium
Validation plan
What the agent should do next
- 1Inspect repository, README/SKILL.md, license, and recent commits before production use.
- 2Install in an isolated workspace or sandbox with no production secrets available.
- 3Run the smallest representative task and record files touched, commands run, network access, and outputs.
- 4Compare the selected skill against at least one alternative when the eval status is review or failed.
- 5Promote only after the agent reports a successful verification result and unresolved warnings are accepted.
Do not use when
Conditions that require another skill
- teams that need a vendor-supported SLA
- high-compliance environments without internal security review
- No major risk signals from current metadata
- High-risk permission hints: Shell or command execution
- Dependency or permission surface needs review
- Permission surface may require sandboxing
Supporting checks
Trust signals behind the decision
README/SKILL.md completeness
pass90
Metadata includes enough usage and workflow context
Recent maintenance
pass88
2mo since push
Alternatives available
pass82
Alternative skills are available for comparison.