Star0

Pre-install eval

Hello Sql eval report.

A machine-readable install decision for agents: task fit, Trust Score, Audit Score, install safety, permission surface, and a concrete validation plan before this skill touches a workspace.

Needs reviewMEDIUM RISKREVIEW POLICY
76
Eval
85
Trust
78
Audit
58
Safety

manual review

Require human approval before installing into a real workspace.

Required gates

Checks an agent must pass before install

Open JSON

Task fit

84

pass

Task wording matches this skill metadata.

  • Evaluate Hello Sql before installing it in an agent workflow
  • data-analysis
  • Database and SQL workflows; Claude Code teams; teams that value GitHub adoption signals

Install path

92

pass

Install handoff is available.

  • npx skills add mouredev/hello-sql

Install command safety

92

pass

standard package or runtime install path

  • npx skills add mouredev/hello-sql

Trust score

85

pass

Good trust signals with a few areas worth checking before rollout.

  • Strong shortlist
  • 9.7K GitHub stars
  • Apache-2.0

Audit score

78

warn

Needs review

  • Repository appears stale

Agent safety gate

58

warn

Usable candidate, but the agent should surface permission and audit notes before installation.

  • Require human approval before installing into a real workspace.
  • Repository appears stale

License clarity

86

pass

Apache-2.0

  • Apache-2.0

Permission surface

74

warn

filesystem or document access, database access

  • Network access: medium
  • Filesystem access: medium
  • Database access: medium

Validation plan

What the agent should do next

  1. 1Inspect repository, README/SKILL.md, license, and recent commits before production use.
  2. 2Install in an isolated workspace or sandbox with no production secrets available.
  3. 3Run the smallest representative task and record files touched, commands run, network access, and outputs.
  4. 4Compare the selected skill against at least one alternative when the eval status is review or failed.
  5. 5Promote only after the agent reports a successful verification result and unresolved warnings are accepted.

Do not use when

Conditions that require another skill

  • teams that require actively maintained dependencies
  • production agents without a repository review
  • Repository looks stale
  • Repository appears stale
  • Quality score needs review
  • Recent maintenance: 1y since push

Supporting checks

Trust signals behind the decision

README/SKILL.md completeness

pass

90

Metadata includes enough usage and workflow context

Recent maintenance

fail

38

1y since push

Alternatives available

pass

82

Alternative skills are available for comparison.