Lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Supply asset profile
Legal, policy, and compliance
Contract analysis, privacy, policy review, compliance checks, governance, and document risk review.
Scenario
Security and compliance
I need my agent to scan a project for security risks and summarize what needs attention.
Agent fit
Claude Code + CLI + Codex
Codex, Claude Code, Cursor, CLI, or custom agents.
Install
Ready
npx skills add lunasec-io/lunasec
Maintenance
stale
2y since push
Risk
Needs review
License is unclear
GitHub quality
1.5K
67/100 quality · 80/100 trust
Coverage tags
Review notes
License is unclear · Repository appears stale
Agent adoption scorecard
Trust, audit, and install readiness at a glance
These scores combine public repository metadata, OpenAgentSkill review signals, maintenance freshness, and install readiness. They are a shortlist signal, not a replacement for human review.
Quality
PromisingUseful candidate, but compare it with alternatives before adopting.
Trust
Strong shortlistGood trust signals with a few areas worth checking before rollout.
Audit
Needs reviewInstall readiness, security metadata, maintenance, and adoption risk.
Trust Score v3
Human review before install
Test in a sandbox workflow and compare its install path with close alternatives.
Stars
1.5K GitHub stars
Repo activity
1.5K stars, 167 forks
Maintenance
2y since push
License
Unknown
Install
npx skills add lunasec-io/lunasec
Install safety
standard package or runtime install path
Permission surface
filesystem or document access
Docs
Strong README/SKILL.md context
Risk summary
Review before production
- License is unclear
- Repository looks stale
- Quality score needs review
- Recent maintenance: 2y since push
Install readiness
Install path available
- Install path is available
- Repository evidence is available
- License is unclear
- 2y since push
Agent-readable metadata
Machine-readable decision data for this skill.
Use this block or the embedded JSON to decide whether an agent should install this skill, choose an alternative, or ask for human review first.
Suited tasks
- Security and compliance workflows
- Claude Code teams
- teams that value GitHub adoption signals
- Inspect risky files
- Prioritize findings
Suited agents
Trust and risk
- Trust score
- 80/100
- Risk level
- Needs review
- Auto install
- review
Do not use when
- teams that require actively maintained dependencies
- production agents without a repository review
- Repository looks stale
- License is unclear
- Repository appears stale
Agent safety v2
54/100 · Avoid automatic install
Sparse or mixed signals. Useful for discovery, but not for autonomous installation.
Test manually in an isolated workspace and compare against safer alternatives.
medium
Network access
Skill likely fetches remote pages, APIs, repositories, or external services.
medium
Filesystem access
Skill may read or write project files, documents, generated artifacts, or local workspace state.
- License is unclear
Install targets
Install this skill in your agent workflow
Copy the registry command or an agent-specific install prompt for Codex, Claude Code, and Cursor.
OpenAgentSkill CLI
Use the registry command when your workflow supports the OpenAgentSkill installer.
$ npx skills add lunasec-io/lunasecAgent resolve plan
Let an agent verify fit before installing.
The Resolve API returns the selected skill, alternatives, safety policy, audit notes, install target, and copy-paste prompt an agent can follow without scraping this page.
Resolve JSON
/api/agent/resolve?task=Use%20Lunasec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium
Resolve text
/api/agent/resolve?task=Use%20Lunasec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium&format=text
Install handoff
/api/skills/lunasec-io-lunasec/install
Agent should check
- Task fit and alternatives from Resolve API.
- Audit score, trust score, and safety policy warnings.
- Install target compatibility for Codex, Claude Code, Cursor, or CLI.
Copy prompt
Task: Use Lunasec in this workspace.
Resolve first: https://www.openagentskill.com/api/agent/resolve?task=Use%20Lunasec%20for%20an%20agent%20workflow&agent=codex&max_risk=medium
Review install handoff: https://www.openagentskill.com/api/skills/lunasec-io-lunasec/install
Install command: npx skills add lunasec-io/lunasec
Before running it, summarize audit warnings, required permissions, and the fallback skill if install is risky.Agent handoff
Give an agent the install path, not another directory page.
Use the public install endpoint to fetch the command, safety checklist, target prompts, and canonical links for this skill.
Install handoff
/api/skills/lunasec-io-lunasec/install
LLM text format
/api/skills/lunasec-io-lunasec/install?format=text
Find alternatives
/api/skills/search?q=Lunasec&limit=3
Agent prompt
Use Lunasec for this task. Review https://www.openagentskill.com/api/skills/lunasec-io-lunasec/install, then install with: npx skills add lunasec-io/lunasecRegistry metadata
Agent-readable profile for automatic skill selection.
This page exposes the same decision, trust, audit, use-case, and install signals through the Registry API, so agents can rank this skill without scraping the UI.
Manifest
/api/registry/manifest/lunasec-io-lunasec
LLM text
/api/registry/manifest/lunasec-io-lunasec?format=text
Install alias
/api/registry/install/lunasec-io-lunasec
Recommend
/api/registry/recommend?task=Use%20Lunasec%20in%20an%20agent%20workflow&limit=3
Agent fit
Security and compliance
Platforms
TypeScript, GDPR, Claude Code
Audit report
Needs review · 70/100
Review install readiness, maintenance, trust, quality, and metadata warnings before adding this skill to an agent workflow.
Agent decision cockpit
Fallback candidate for Security and compliance
Prototype with this skill first; keep a fallback candidate ready.
Role in stack
Fallback candidate
Primary fit
Security and compliance
Trust label
Prototype first
Install path
Command ready
Use when
- Security and compliance workflows
- Claude Code teams
- teams that value GitHub adoption signals
Evidence
- 1,470 GitHub stars
- install command or GitHub repo available
- 67/100 quality profile
- 1 OpenAgentSkill engagement events
Review first
- Repository looks stale
Implementation path
- 1Install it in a sandbox agent and run one Security and compliance task end to end.
- 2Compare output quality, latency, and failure behavior against at least one alternative.
- 3Promote it into production only after reviewing repository permissions, license, and maintenance signals.
Trust profile
Strong shortlist
Good trust signals with a few areas worth checking before rollout.
GitHub adoption
PASS1.5K GitHub stars
Stars/forks activity
INFO1.5K stars, 167 forks; issue activity unavailable in current metadata
Recent maintenance
FIX2y since push
License clarity
CHECKUnknown
Good signals
- Manually verified listing
- AI review approved
- Install path is available
- Repository evidence is available
- Meaningful GitHub adoption signal
- Install command has no obvious high-risk pattern
Review before install
- License is unclear
- Repository looks stale
- Quality score needs review
- Recent maintenance: 2y since push
- License clarity: Unknown
Recommended action
Test in a sandbox workflow and compare its install path with close alternatives.
Quality profile
Promising candidate for agent workflows
Useful candidate, but compare it with alternatives before adopting.
Workflow fit
Use this skill in these scenarios
Reduce risk
Security and compliance
I need my agent to scan a project for security risks and summarize what needs attention.
Review risk
Legal and compliance
I need my agent to review contracts, privacy policies, or compliance documents and summarize risks.
Build and ship code
Coding agents
I need a coding agent that can understand a repository, edit code, and review pull requests.
Stack fit
Add it to a complete workflow
Inspect, patch, and verify code
Coding review agent
A stack for software agents that inspect repositories, review pull requests, generate tests, and turn findings into shippable patches.
Turn skills into distribution
Content growth agent
A stack for turning newly indexed skills into SEO briefs, social drafts, comparison pages, and reusable publishing workflows.
Ingest, retrieve, and cite
RAG knowledge base
A stack for document-heavy agents that ingest files, create searchable knowledge, retrieve relevant context, and answer with grounded sources.
Alternative shortlist
Compare before you install
Similar skills in this category, ranked with the same readiness and quality signals.
Caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Win11Debloat
A simple, lightweight PowerShell script that allows you to remove pre-installed apps, disable telemetry, as well as perform various other changes to declutter and customize your Windows experience. Win11Debloat works for both Windows 10 and Windows 11.
AdGuardHome
Network-wide ads & trackers blocking DNS server
Web Check
🕵️♂️ All-in-one OSINT tool for analysing any website
Overview
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Imported by the skill-only GitHub discovery pipeline because it matches agent skill, automation, domain workflow, RAG, document-processing, data, finance, security, or developer-tool signals. Protocol-server projects are excluded from automated imports.
Platform Compatibility
Technical Details
- Version
- 1.0.0
- License
- Unknown
- Last Updated
- 6/16/2026
- Published
- 6/16/2026
Frameworks & Tools
Decision snapshot
Fallback candidate
1,470 GitHub stars
Audit snapshot
Install review
Install and adoption review
- Security
- 82/100
- Maintenance
- 20/100
- Install
- 92/100
Install
Add to agent workflow
Free and open source. Review the audit before production use.
Growth loop
Share kit
Scenario-led draft for Lunasec, ready for a manual X post.
OpenAgentSkill Update Today: Lunasec Use it when you want an agent to turn market noise into source-backed research, ranked candidates, and risk checks. 1.5K stars - legal-compliance Link: https://www.openagentskill.com/skills/lunasec-io-lunasec?ref=x #AIAgents #OpenAgentSkill
Optional reply with install command
Link for Lunasec: https://www.openagentskill.com/skills/lunasec-io-lunasec?ref=x Install: npx skills add lunasec-io/lunasec
Listing source
Community indexed
This listing was indexed from public sources and is not marked official until a maintainer claim is approved.
- Creator
- lunasec-io
- Source
- lunasec-io/lunasec
- Indexed by
- OpenAgentSkill community index
Attribution links to the public repository or creator profile. Creators can claim the listing to update ownership signals.
Claim this skillOwner claim
Claim this skill listing
This community indexed listing is attributed to lunasec-io but is not marked official yet. Claim it to add a verified owner signal and make future launch, install, and audit updates easier to trust.
README badge
Add this badge to your GitHub README to show the listing, trust score, and install handoff.
[](https://www.openagentskill.com/skills/lunasec-io-lunasec)Author
lunasec-io✓
@lunasec-io
Tags
Platform Fit
Health Signals
- GitHub stars
- 1.5K
- Quality score
- 49/100
- Last GitHub push
- May 2, 2024
- Framework hints
- 2
- OpenAgentSkill views
- 1
- Install copies
- 0
- Outbound clicks
- 0
Community Signal
Share whether this skill looks useful for your agent workflow. Aggregated feedback improves rankings over time.
Trust & Safety
Strong shortlist
- GitHub adoption1.5K GitHub starsPASS
- Stars/forks activity1.5K stars, 167 forks; issue activity unavailable in current metadataINFO
- Recent maintenance2y since pushFIX
- License clarityUnknownCHECK
- README/SKILL.md completenessMetadata includes enough usage and workflow contextPASS
- Dependency/runtime riskno major dependency risk hints in public metadataPASS
Related Skills
Caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
73.4K stars · 0 installsWin11Debloat
A simple, lightweight PowerShell script that allows you to remove pre-installed apps, disable telemetry, as well as perform various other changes to declutter and customize your Windows experience. Win11Debloat works for both Windows 10 and Windows 11.
48.2K stars · 0 installsAdGuardHome
Network-wide ads & trackers blocking DNS server
34.9K stars · 0 installsWeb Check
🕵️♂️ All-in-one OSINT tool for analysing any website
33.7K stars · 0 installs