What this skill does
- Verify authenticity — detects forks, typosquatting, and ownership transfers before you install anything
- Full dependency audit cross-referenced against NIST NVD, OSV.dev, GitHub Advisories, and Snyk
- Static code scan for 25+ red flags including curl-pipe-bash, eval(), hidden downloads, and crypto miners
- Risk scorecard across 6 dimensions — supply chain, malware, privacy, stability, maintenance, and trust
- Hard-stop verdict before any command runs — SAFE, SAFE WITH CAUTIONS, or NOT RECOMMENDED
👤 Best for: Solo founders, developers, and Mac power users who install open source tools and want a security layer before anything touches their system
$99
One-time purchase — no subscription, no seat limits, unlimited runs
🔒 Secure checkout via Stripe · Instant download after payment
How it works
1. Buy the skill — secure Stripe checkout, instant download.
2. Paste into your agent — works with Hermes Agent, Claude, ChatGPT, or any LLM that accepts system prompts.
3. Run it — the skill activates immediately. Unlimited runs, no additional cost.