Skill audit report

Gitleaks Action audit report.

Protect your secrets using Gitleaks-Action

EXPERIMENTAL · REVIEWNeeds reviewGenerated Jun 17, 2026Heuristic metadata audit

Audit

Trust

Quality

Security

100

Maintain

Install

OpenAgentSkill Trust Score

Strong shortlist

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

600 GitHub stars

Stars/forks activity

INFO

600 stars, 191 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

100

7d since push

License clarity

WARN

Unknown

README/SKILL.md completeness

WARN

Public metadata needs stronger README/SKILL.md context

Dependency/runtime risk

INFO

credential or environment access

Install availability

PASS

npx skills add gitleaks/gitleaks-action

Install command safety

PASS

standard package or runtime install path

Permission surface

INFO

secrets or environment access

Repository evidence

PASS

https://github.com/gitleaks/gitleaks-action

Review status

PASS

AI review data available

Checks

Install and adoption review

7 passed · 9 review

Install path

PASS

npx skills add gitleaks/gitleaks-action

Repository

PASS

https://github.com/gitleaks/gitleaks-action

License

CHECK

Unknown

Maintenance

100

PASS

7d since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

CHECK

credential or environment access

Install command safety

PASS

standard package or runtime install path

Permission surface

CHECK

secrets or environment access

Stars/forks activity

CHECK

600 stars, 191 forks; issue activity unavailable in current metadata

Adoption

PASS

600 GitHub stars

Warnings

License is unclear
Quality score needs review
Documentation summary is thin
License clarity: Unknown
README/SKILL.md completeness: Public metadata needs stronger README/SKILL.md context

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add gitleaks/gitleaks-action

Signals

Audit score: 81/100
Quality: 74/100
Trust: 76/100
Install safety: 92/100
Permission surface: 74/100
Maintenance: 7d since push
Events: No events yet
GitHub stars: 600
Last push: Jun 10, 2026

Agent safety v2

57/100 · Review before install

Experimentalreview

Sparse or mixed signals. Useful for discovery, but not for autonomous installation.

Test manually in an isolated workspace and compare against safer alternatives.

High-risk permission hints: Secrets or environment access
57/100 agent safety score

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Secrets or environment access

high

Skill metadata references credentials, tokens, environment variables, or secret-bearing workflows.

High-risk permission hints: Secrets or environment access
License is unclear

Back to skill Alternatives Audit badge SVG

Compare nearby options

Related skills to audit next

Gemini CLI

Bring a coding agent directly into the terminal

105K stars · Audit report

System Prompts And Models Of AI Tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI, VSCode Agent, Warp.dev, Windsurf, Xcode, Z.ai Code, Dia & v0. (And other Open Sourced) System Prompts, Internal Tools & AI Models

139K stars · Audit report

Caveman

🪨 why use many token when few token do trick — Claude Code skill that cuts 65% of tokens by talking like caveman

72K stars · Audit report