Skill audit report

Spug audit report.

开源运维平台：面向中小型企业设计的轻量级无Agent的自动化运维平台，整合了主机管理、主机批量执行、主机在线终端、文件在线上传下载、应用发布部署、在线任务计划、配置中心、监控、报警等一系列功能。

VERIFIED · ALLOWSafe to tryGenerated Jun 24, 2026Heuristic metadata audit

Audit

Trust

100

Quality

Security

100

Maintain

Install

OpenAgentSkill Trust Score

Production candidate

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

PASS

100

11K GitHub stars

Stars/forks activity

PASS

11K stars, 2.2K forks; issue activity unavailable in current metadata

Recent maintenance

PASS

100

12d since push

License clarity

PASS

AGPL-3.0

README/SKILL.md completeness

PASS

Metadata includes enough usage and workflow context

Dependency/runtime risk

PASS

no major dependency risk hints in public metadata

Install availability

PASS

npx skills add openspug/spug

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Repository evidence

PASS

https://github.com/openspug/spug

Review status

PASS

AI review data available

Real agent outcomes

INFO

No agent outcome data yet

Checks

Install and adoption review

11 passed · 0 review

Install path

PASS

npx skills add openspug/spug

Repository

PASS

https://github.com/openspug/spug

License

PASS

AGPL-3.0

Maintenance

100

PASS

12d since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

PASS

no major dependency risk hints in public metadata

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Stars/forks activity

PASS

11K stars, 2.2K forks; issue activity unavailable in current metadata

Adoption

PASS

11K GitHub stars

Warnings

No major warnings detected from available metadata.

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add openspug/spug

Agent-readable metadata

Machine decision packet

Embedded JSON exposes suited tasks, suited agents, install command, trust score, safety gate, alternatives, and do-not-use conditions for agent review.

Install policy: allow
Best agents: JavaScript + DevOps
Alternatives: 3

Open agent JSON

Signals

Audit score: 96/100
Quality: 100/100
Trust: 95/100
Install safety: 92/100
Permission surface: 86/100
Maintenance: 12d since push
Events: 4 events
GitHub stars: 11K
Last push: Jun 12, 2026

Agent safety v2

88/100 · Safe to install with normal review

Verifiedallow

Strong metadata, audit, install, and review signals. Suitable for agent shortlists after normal workspace review.

Allow agent install in a sandbox or low-risk workspace, then promote after one successful narrow task.

Verified listing
Safe-to-try audit
88/100 agent safety score

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Filesystem access

medium

Skill may read or write project files, documents, generated artifacts, or local workspace state.

Back to skill Alternatives Audit badge SVG

Compare nearby options

Spug audit report.

Stars, maintenance, license, docs, install safety, permission surface, and installability.

Install and adoption review

Related skills to audit next

Kubernetes

Traefik

Etcd