Skill Security Analyzer that shows what is already tracked and what still needs real review.
This page fixes the gap between the site's security-first positioning and a missing product surface. Paste any public GitHub repo, see whether AgentSkillsHub already tracks it, then layer on a live GitHub preflight instead of a fake backend audit claim.
Tracked repos: 200
Aggregated from 1200 tracked catalog skills.
OpenClaw rows: 3.0k
Extra watchlist coverage for safety signals and review examples.
High-permission watch: 584
Watchlist items that deserve a slower, more explicit install review.
Supports tracked repo lookup, public repo metadata, root structure checks, and a lightweight sample scan of candidate files.
Truth boundary
Three lanes, not one fake number
1. Tracked catalog match
If the repo already powers AgentSkillsHub pages, you get a catalog-backed trust score, freshness, adoption, and coverage view immediately.
2. Live GitHub preflight
We pull public metadata, inspect root structure, and sample candidate files for review-needed patterns. This is real, but still lightweight.
3. Manual decision
Anything touching production agents still needs a human install decision. The analyzer is a triage layer, not a fake final verdict machine.
Current stage
Match against tracked repos and run a live GitHub preflight.
Why this exists
The homepage already talks about security scores. This page turns that positioning into a real operator tool instead of a missing route.
Immediate use
Use it before installing a new MCP server, before submitting a repo to the directory, or before copying a skill into an internal stack.
Paste a repo
Start with a public GitHub repo URL or shorthand. If the repo already has indexed AgentSkillsHub coverage, you will see it immediately.
Layer the signals
We combine tracked catalog trust with a live GitHub preflight so the output is useful even when a repo is new to the directory.
Decide the next step
The output is built for triage: shortlist, review, or reject. It is not a fake “AI says safe” wrapper.
Working set
Repos worth checking before you paste your own
These modules keep the page useful even before a user runs a lookup. The goal is to feel like a product surface, not a blank demo shell.
Recent tracked repos
High-trust picks
Scoring model
How this page avoids fake certainty
The strongest competitive move here is not louder marketing copy. It is a cleaner truth model: show what is indexed, show what was checked live, and keep the manual boundary explicit.
Tracked score
Built from indexed AgentSkillsHub coverage, security scores already on tracked entries, adoption, freshness, and repo-level coverage density.
Live preflight
Built from public GitHub repo metadata, root hygiene signals, and a lightweight sample scan of candidate files using transparent rules.
Manual review
Anything with broad filesystem, network, shell, or secret-handling patterns still needs a human install decision before production use.
Next step
Use the analyzer as the front door, then push good repos into a real review lane.
This is the right flagship move for AgentSkillsHub: a useful product screen that can grow into stronger audit coverage later, instead of another article shell.