Skill audit report
Infisical audit report.
Infisical is the open-source platform for secrets, certificates, and privileged access management.
OpenAgentSkill Trust Score
Stars, maintenance, license, docs, install safety, permission surface, and installability.
The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.
GitHub adoption
PASS100
27K GitHub stars
Stars/forks activity
PASS97
27K stars, 2.0K forks; issue activity unavailable in current metadata
Recent maintenance
PASS100
13d since push
License clarity
WARN42
Unknown
README/SKILL.md completeness
PASS90
Metadata includes enough usage and workflow context
Dependency/runtime risk
WARN54
command execution surface, credential or environment access
Install availability
PASS92
npx skills add Infisical/infisical
Install command safety
PASS92
standard package or runtime install path
Permission surface
FAIL36
secrets or environment access, shell or command execution
Repository evidence
PASS86
https://github.com/Infisical/infisical
Review status
PASS88
AI review data available
Agent Proven outcomes
INFO54
No agent outcome data yet
Checks
Install and adoption review
Install path
92
npx skills add Infisical/infisical
Repository
88
https://github.com/Infisical/infisical
License
45
Unknown
Maintenance
100
13d since push
AI review
88
Approved with no listed issues
README/SKILL.md completeness
90
Usable description available
Dependency risk
54
command execution surface, credential or environment access
Install command safety
92
standard package or runtime install path
Permission surface
36
secrets or environment access, shell or command execution
Stars/forks activity
97
27K stars, 2.0K forks; issue activity unavailable in current metadata
Adoption
88
27K GitHub stars
Warnings
- License is unclear
- Dependency or permission surface needs review
- Permission surface may require sandboxing
- Permission surface needs review: secrets or environment access, shell or command execution
- License clarity: Unknown
- Dependency/runtime risk: command execution surface, credential or environment access
- Permission surface: secrets or environment access, shell or command execution
Method
This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.
Compare nearby options
Related skills to audit next
Maigret
🕵️♂️ Collect a dossier on a person by username from 3000+ sites
33K stars · Audit report
Nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
29K stars · Audit report
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
16K stars · Audit report