Star0

Skill audit report

Shelve audit report.

Open-source secret & environment management. Secure, simple, collaborative. CLI & Github Sync

EXPERIMENTAL · REVIEWNeeds reviewGenerated Jun 23, 2026Heuristic metadata audit
84
Audit
76
Trust
84
Quality
79
Security
100
Maintain
92
Install

OpenAgentSkill Trust Score

76
Strong shortlist

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

62

426 GitHub stars

Stars/forks activity

WARN

57

426 stars, 37 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

100

22d since push

License clarity

PASS

86

Apache-2.0

README/SKILL.md completeness

PASS

90

Metadata includes enough usage and workflow context

Dependency/runtime risk

WARN

54

command execution surface, credential or environment access

Install availability

PASS

92

npx skills add HugoRCD/shelve

Install command safety

PASS

92

standard package or runtime install path

Permission surface

FAIL

36

secrets or environment access, shell or command execution

Repository evidence

PASS

86

https://github.com/HugoRCD/shelve

Review status

PASS

88

AI review data available

Real agent outcomes

INFO

58

No agent outcome data yet

Checks

Install and adoption review

7 passed · 10 review

Install path

92

PASS

npx skills add HugoRCD/shelve

Repository

88

PASS

https://github.com/HugoRCD/shelve

License

86

PASS

Apache-2.0

Maintenance

100

PASS

22d since push

AI review

88

PASS

Approved with no listed issues

README/SKILL.md completeness

90

PASS

Usable description available

Dependency risk

54

FIX

command execution surface, credential or environment access

Install command safety

92

PASS

standard package or runtime install path

Permission surface

36

FIX

secrets or environment access, shell or command execution

Stars/forks activity

57

FIX

426 stars, 37 forks; issue activity unavailable in current metadata

Adoption

68

INFO

426 GitHub stars

Warnings

  • Dependency or permission surface needs review
  • Permission surface may require sandboxing
  • Quality score needs review
  • Permission surface needs review: secrets or environment access, shell or command execution
  • Stars/forks activity: 426 stars, 37 forks; issue activity unavailable in current metadata
  • Dependency/runtime risk: command execution surface, credential or environment access
  • Permission surface: secrets or environment access, shell or command execution

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Compare nearby options

Related skills to audit next

Opencode

The open source coding agent.

175K stars · Audit report

Puppeteer

JavaScript API for Chrome and Firefox

95K stars · Audit report

Codex

Lightweight coding agent that runs in your terminal

91K stars · Audit report