dabit3

dabit3 / skill-audit

Public

Audit agent skill definitions for security, completeness, and compatibility across Codex, Claude Code, OpenClaw, and more

33
5
100% credibility
Found Feb 18, 2026 at 20 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

A tool that scans folders of AI agent skill definitions in multiple formats to detect security risks, check quality, and provide scores with improvement suggestions.

How It Works

1
🔍 Discover the skill checker

You find this helpful tool while looking for ways to ensure your AI agent abilities are safe and well-made.

2
💻 Get the tool ready

You easily add the checker to your computer so it's ready to use anytime.

3
📁 Choose your skills folder

You pick the folder holding your collection of AI skills to review.

4
🚀 Run the safety scan

The tool quickly examines all your skills for hidden dangers, missing details, and overall quality.

5
📊 Review the colorful report

You see easy-to-read scores, letter grades, and friendly tips highlighting what's great and what to improve.

6
✏️ Make improvements

You follow the suggestions to fix issues and make your skills stronger and safer.

Skills are top-notch!

Your AI skills now shine with high scores, ready to work perfectly across any platform without worries.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 20 to 33 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is skill-audit?

skill-audit is a TypeScript CLI tool that scans directories for AI agent skill definitions—formats like OpenClaw's SKILL.md, Codex YAML, Claude Code commands, and OpenCode JSON—and audits them for security risks like remote code execution, sensitive file access, or fork bombs, plus quality issues such as missing docs or unpinned deps. It spits out A-F grades with security/quality scores, JSON output, and CI-friendly exits on low scores via commands like `skill-audit scan ./skills --min-score 70`. Run it globally via npm or npx to catch agentic audit problems before skills ship across platforms.

Why is it gaining traction?

In a world of portable agent skills for Codex, Claude, and OpenClaw, it stands out with cross-format detection, weighted scoring (60% security), and GitHub Actions integration for audit github actions workflows or pre-commit hooks. Devs hook it for programmatic use in TypeScript, listing skills without full audits, or verbose reports with suggestions—solving the audit agent AI pain of manual reviews in monorepos. The threshold fails and summary stats make it dead simple for audit trail agentforce enforcement.

Who should use this?

AI platform maintainers auditing skill libraries for OpenClaw or Codex repos, agentic AI teams doing internal audit skills checks before production, or monorepo owners scanning for compatibility. Ideal for devs building audit agent software with CI gates, like failing PRs on critical issues, or contributors to shared skill catalogs needing quick skill audit assessment forms.

Verdict

Grab it for niche agentic audit needs—solid docs and CLI make it CI-ready despite 16 stars and 1.0% credibility signaling early maturity. Test on your skills dir; it'll flag real risks fast, but watch for broader adoption before core dependency.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.