Item detail
github.com

modiqo/skillspec

modiqo/skillspec is a rust cli for auditing and contra that RepoRadar is tracking in its Agent Skills section, currently rated Gold tier with a 'try now' verdict. Its strongest signal is workflow potential, scored 9.7 out of 10.

Score8.2
Popularity1.0
Risklow
TierGold
Score breakdown
Usefulness9.0
Novelty9.0
Momentum7.0
Maturity6.5
Open-source/build8.4
Evidence7.2
Workflow potential9.7
Setup ease8.8

Popularity is tracked separately. Support, ads, sponsorships, and tips never affect these signals.

Why it matters

Useful for any developer or team that ships agent skills (Claude Code, Codex, Cursor, OpenCode, OpenClaw) and has watched an agent follow the broad task but skip a late safety rule, grab an undeclared tool, and report "done" with no proof — `skillspec doctor ./my-skill` returns a 0-100 follow-through risk report with concrete findings (short generic descriptions above the balanced token target, mu

Who should use it

Any developer or team that ships agent skills (Claude Code, Codex, Cursor, OpenCode, OpenClaw) and has watched an agent follow the broad task but skip a late safety rule, grab an undeclared tool, or report 'done' with no proof — `skillspec doctor` returns the risk score and findings, `skillspec import` compiles the contractAnyone who needs a structured contract for an agent skill — `skill.spec.yml` lists when to use the skill, which route to take, what is forbidden, what dependencies must exist, what checks must pass, and what proof should exist at the end, so a run can be gated on whether the contract was followedClaude Code or Codex plugin users who want the audit + import workflow from their marketplace — `claude plugin marketplace add modiqo/skillspec` or `codex plugin marketplace add modiqo/skillspec` installs the same workflowAnyone evaluating a public skill repo who wants the doctor report in the browser before installing — the hosted skillspec.sh playground accepts a public GitHub skill URL and shows the report without any local installAnyone who needs to gate an agent run on whether a skill's contract was followed — the structured `skill.spec.yml` makes the gate possibleAnyone who needs to audit their own skills across many repos — the doctor command works on a local folder, a public GitHub URL, or a hosted playground, and the doctor report is a single line per finding for easy automationTooling authors who want to extend the specification — the `spec/`, `conformance/`, `plugins/`, `examples/` directory layout is the right shape for an evolving specificationAnyone who needs a Rust single-binary distribution with cross-platform prebuilt releases, .sha256 checksums, and a v0.1.0 pin path

Who should skip it

Pass on modiqo/skillspec if its scope or audience does not match what your team is building right now.

About this signal

modiqo/skillspec is tracked by RepoRadar as a rust cli for auditing and contra in the Agent Skills section. It was first seen on 2026-07-04 and last updated on 2026-07-04. The current verdict is 'try now' with a Gold tier and easy setup difficulty. The standout signals for modiqo/skillspec are workflow potential (9.7) and practical usefulness (9.0), while maturity (6.5) trails — that balance shapes where it fits best. This page summarizes the evidence RepoRadar has captured from captured source metadata. The score, tier, risk label, and verdict on this page are never influenced by sponsorship, ads, or tips — they reflect only the usefulness, popularity, novelty, momentum, maturity, and evidence signals described in the RepoRadar methodology.

How this item is evaluated

RepoRadar assigned modiqo/skillspec a composite score of 8.2 out of 10, placing it in the Gold tier. This score combines weighted sub-signals: usefulness (35%), novelty (18%), momentum (14%), maturity (10%), open-source/build quality (7%), evidence quality (6%), workflow potential (6%), and setup ease (4%). Popularity is tracked separately at 1.0 and never affects the composite score or tier. The risk label of 'low' reflects inherent user-impacting hazards, not generic novelty. Items with no risk flag may still require normal code review before production use.

Putting this into practice? Read How to vet an AI agent or MCP server before you wire it in for the checklist behind this score.

Risk explanation

Risk label is still being reviewed from the captured evidence. Treat the item as unknown-risk until you review the linked source, permissions, setup path, and data access.

Evidence links
Closest alternatives / related signals
agent-skillsskill-mdskill-specskill-spec-ymlskill-auditingskill-contractdoctor-reportfollow-through-risk