Skill audit report

Gollum audit report.

A simple, Git-powered wiki with a local frontend and support for many kinds of markup and content.

REVIEWED · ALLOWSafe to tryGenerated Jun 17, 2026Heuristic metadata audit

Audit

Trust

Quality

Security

Maintain

Install

OpenAgentSkill Trust Score

Production candidate

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

PASS

100

14K GitHub stars

Stars/forks activity

PASS

14K stars, 1.6K forks; issue activity unavailable in current metadata

Recent maintenance

INFO

7mo since push

License clarity

PASS

MIT

README/SKILL.md completeness

PASS

Metadata includes enough usage and workflow context

Dependency/runtime risk

PASS

no major dependency risk hints in public metadata

Install availability

PASS

npx skills add gollum/gollum

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Repository evidence

PASS

https://github.com/gollum/gollum

Review status

PASS

AI review data available

Checks

Install and adoption review

10 passed · 1 review

Install path

PASS

npx skills add gollum/gollum

Repository

PASS

https://github.com/gollum/gollum

License

PASS

MIT

Maintenance

CHECK

7mo since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

PASS

no major dependency risk hints in public metadata

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Stars/forks activity

PASS

14K stars, 1.6K forks; issue activity unavailable in current metadata

Adoption

PASS

14K GitHub stars

Warnings

No major warnings detected from available metadata.

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add gollum/gollum

Signals

Audit score: 89/100
Quality: 97/100
Trust: 93/100
Install safety: 92/100
Permission surface: 86/100
Maintenance: 7mo since push
Events: No events yet
GitHub stars: 14K
Last push: Nov 24, 2025

Agent safety v2

81/100 · Safe to install with normal review

Reviewedallow

Good audit and safety signals with no high-risk permission hints in public metadata.

Review the audit page, then allow agent install in a sandboxed workflow.

Safe-to-try audit
81/100 agent safety score

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Filesystem access

medium

Skill may read or write project files, documents, generated artifacts, or local workspace state.

Back to skill Alternatives Audit badge SVG

Compare nearby options

Related skills to audit next

Markitdown

Python tool for converting files and office documents to Markdown.

154K stars · Audit report

PaddleOCR

Turn any PDF or image document into structured data for your AI. A powerful, lightweight OCR toolkit that bridges the gap between images/PDFs and LLMs. Supports 100+ languages.

82K stars · Audit report

Stirling PDF

#1 PDF Application on GitHub that lets you edit PDFs on any device anywhere

81K stars · Audit report