agent-skill-auditor

Use when reviewing, scoring, or improving an agent skill, Skill.md/SKILL.md file, Claude/Codex skill folder, or MCP-adjacent agent workflow for clarity, trigger quality, output format, examples, resource structure, automation, sensitive-data safety, and dangerous-command risk.
leejaewon23/agent-skill-auditor · ★ 0 · AI & Automation · score 70
Install: claude install-skill leejaewon23/agent-skill-auditor
# Agent Skill Auditor

## Overview

Audit one skill for usefulness, discoverability, repeatability, and safety. Return a fixed-format report with evidence and concrete fixes, then optionally provide a revised `SKILL.md` or patch.

## Workflow

1. Locate `SKILL.md`, `Skill.md`, or `skill.md` in the target path. If the current directory is a repo root, discover nested skill files recursively.
2. Run the static auditor when filesystem access is available:

   ```bash
   python scripts/audit_skill.py /path/to/repo-or-skill
   ```

3. Read `references/audit-criteria.md` before final scoring when the audit is more than a quick sanity check.
4. Inspect the Markdown report for secret-pattern findings, dangerous-command findings, MCP config findings, and skill-quality findings.
5. Manually check prompt-injection handling, tool permission scope, filesystem and network boundaries, MCP trust boundaries, and user-consent gates when the skill reads external content or uses tools.
6. Return the report in the exact format below.
7. If asked to fix the skill, keep edits scoped to the skill folder and do not include secrets, credentials, private keys, customer data, or personal tokens.

## Audit Criteria

Score the skill against these gates:

- Solves one clear problem.
- The frontmatter `description` makes usage obvious from trigger conditions alone.
- The expected output format is explicit.
- There is at least one example input and one matching example output.
- Long explanations are moved to `refere