Skill audit report
K7 audit report.
Your own self-hosted infra for lightweight VM sandboxes to safely execute untrusted code. CLI, API, Python SDK. ⭐ Star it if you like it! ⭐
OpenAgentSkill Trust Score
Stars, maintenance, license, docs, install safety, permission surface, and installability.
The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.
GitHub adoption
INFO76
783 GitHub stars
Stars/forks activity
INFO65
783 stars, 21 forks; issue activity unavailable in current metadata
Recent maintenance
INFO62
7mo since push
License clarity
PASS86
Apache-2.0
README/SKILL.md completeness
PASS90
Metadata includes enough usage and workflow context
Dependency/runtime risk
INFO64
command execution surface, network or browser surface
Install availability
PASS92
npx skills add Katakate/k7
Install command safety
PASS92
standard package or runtime install path
Permission surface
WARN48
shell or command execution, filesystem or document access
Repository evidence
PASS86
https://github.com/Katakate/k7
Review status
PASS88
AI review data available
Agent Proven outcomes
INFO54
No agent outcome data yet
Checks
Install and adoption review
Install path
92
npx skills add Katakate/k7
Repository
88
https://github.com/Katakate/k7
License
86
Apache-2.0
Maintenance
62
7mo since push
AI review
88
Approved with no listed issues
README/SKILL.md completeness
90
Usable description available
Dependency risk
64
command execution surface, network or browser surface
Install command safety
92
standard package or runtime install path
Permission surface
48
shell or command execution, filesystem or document access
Stars/forks activity
65
783 stars, 21 forks; issue activity unavailable in current metadata
Adoption
88
783 GitHub stars
Warnings
- Permission surface may require sandboxing
- Quality score needs review
- Permission surface needs review: shell or command execution, filesystem or document access
- Permission surface: shell or command execution, filesystem or document access
Method
This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.
Compare nearby options