Skill audit report

Nord Stream audit report.

Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.

REVIEWED · REVIEWSafe to tryGenerated Jun 17, 2026Heuristic metadata audit

Audit

Trust

Quality

Security

Maintain

Install

OpenAgentSkill Trust Score

Strong shortlist

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

358 GitHub stars

Stars/forks activity

WARN

358 stars, 22 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

2mo since push

License clarity

PASS

GPL-3.0

README/SKILL.md completeness

PASS

Metadata includes enough usage and workflow context

Dependency/runtime risk

PASS

no major dependency risk hints in public metadata

Install availability

PASS

npx skills add synacktiv/nord-stream

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Repository evidence

PASS

https://github.com/synacktiv/nord-stream

Review status

PASS

AI review data available

Checks

Install and adoption review

9 passed · 3 review

Install path

PASS

npx skills add synacktiv/nord-stream

Repository

PASS

https://github.com/synacktiv/nord-stream

License

PASS

GPL-3.0

Maintenance

PASS

2mo since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

PASS

no major dependency risk hints in public metadata

Install command safety

PASS

standard package or runtime install path

Permission surface

PASS

filesystem or document access

Stars/forks activity

FIX

358 stars, 22 forks; issue activity unavailable in current metadata

Adoption

INFO

358 GitHub stars

Warnings

Quality score needs review
Stars/forks activity: 358 stars, 22 forks; issue activity unavailable in current metadata

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add synacktiv/nord-stream

Signals

Audit score: 84/100
Quality: 77/100
Trust: 83/100
Install safety: 92/100
Permission surface: 86/100
Maintenance: 2mo since push
Events: No events yet
GitHub stars: 358
Last push: Apr 21, 2026

Agent safety v2

68/100 · Review before install

Reviewedreview

Good audit and safety signals with no high-risk permission hints in public metadata.

Review the audit page, then allow agent install in a sandboxed workflow.

Safe-to-try audit
68/100 agent safety score

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Filesystem access

medium

Skill may read or write project files, documents, generated artifacts, or local workspace state.

Quality score needs review

Back to skill Alternatives Audit badge SVG

Compare nearby options

Nord Stream audit report.

Stars, maintenance, license, docs, install safety, permission surface, and installability.

Install and adoption review

Related skills to audit next

Kubernetes

Traefik

Etcd