Skill audit report
Toktrack audit report.
Ultra-fast token & cost tracker for LLM Token Usage (e.g. Claude Code)
OpenAgentSkill Trust Score
Stars, maintenance, license, docs, install safety, permission surface, and installability.
The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.
GitHub adoption
INFO62
161 GitHub stars
Stars/forks activity
WARN57
161 stars, 14 forks; issue activity unavailable in current metadata
Recent maintenance
PASS100
3d since push
License clarity
PASS86
MIT
README/SKILL.md completeness
PASS84
Metadata includes enough usage and workflow context
Dependency/runtime risk
WARN54
command execution surface, credential or environment access
Install availability
PASS92
npx skills add mag123c/toktrack
Install command safety
PASS92
standard package or runtime install path
Permission surface
FAIL36
secrets or environment access, shell or command execution
Repository evidence
PASS86
https://github.com/mag123c/toktrack
Review status
PASS88
AI review data available
Real agent outcomes
INFO58
No agent outcome data yet
Checks
Install and adoption review
Install path
92
npx skills add mag123c/toktrack
Repository
88
https://github.com/mag123c/toktrack
License
86
MIT
Maintenance
100
3d since push
AI review
88
Approved with no listed issues
README/SKILL.md completeness
84
Usable description available
Dependency risk
54
command execution surface, credential or environment access
Install command safety
92
standard package or runtime install path
Permission surface
36
secrets or environment access, shell or command execution
Stars/forks activity
57
161 stars, 14 forks; issue activity unavailable in current metadata
Adoption
68
161 GitHub stars
Warnings
- Dependency or permission surface needs review
- Permission surface may require sandboxing
- Quality score needs review
- Permission surface needs review: secrets or environment access, shell or command execution
- Stars/forks activity: 161 stars, 14 forks; issue activity unavailable in current metadata
- Dependency/runtime risk: command execution surface, credential or environment access
- Permission surface: secrets or environment access, shell or command execution
Method
This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.
Compare nearby options