Skill audit report

OSCAL audit report.

Open Security Controls Assessment Language (OSCAL)

REVIEWED · REVIEWSafe to tryGenerated Jul 3, 2026Heuristic metadata audit
84
Audit
78
Trust
82
Quality
80
Security
100
Maintain
92
Install

OpenAgentSkill Trust Score

78
Strong shortlist

Stars, maintenance, license, docs, install safety, permission surface, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

76

909 GitHub stars

Stars/forks activity

INFO

71

909 stars, 243 forks; issue activity unavailable in current metadata

Recent maintenance

PASS

100

13d since push

License clarity

WARN

42

Unknown

README/SKILL.md completeness

INFO

74

Public metadata needs stronger README/SKILL.md context

Dependency/runtime risk

PASS

90

no major dependency risk hints in public metadata

Install availability

PASS

92

npx skills add usnistgov/OSCAL

Install command safety

PASS

92

standard package or runtime install path

Permission surface

INFO

74

filesystem or document access, database access

Repository evidence

PASS

86

https://github.com/usnistgov/OSCAL

Review status

PASS

88

AI review data available

Agent Proven outcomes

INFO

54

No agent outcome data yet

Checks

Install and adoption review

8 passed · 6 review

Install path

92

PASS

npx skills add usnistgov/OSCAL

Repository

88

PASS

https://github.com/usnistgov/OSCAL

License

45

CHECK

Unknown

Maintenance

100

PASS

13d since push

AI review

88

PASS

Approved with no listed issues

README/SKILL.md completeness

84

PASS

Usable description available

Dependency risk

90

PASS

no major dependency risk hints in public metadata

Install command safety

92

PASS

standard package or runtime install path

Permission surface

74

CHECK

filesystem or document access, database access

Stars/forks activity

71

CHECK

909 stars, 243 forks; issue activity unavailable in current metadata

Adoption

88

PASS

909 GitHub stars

Warnings

  • License is unclear
  • Quality score needs review
  • License clarity: Unknown

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Compare nearby options

Related skills to audit next