IdeaCred

theinfosecguy/razin

83

Static analysis scanner for SKILL.md LLM agent skills with deterministic security findings.

What's novel

Static analysis scanner for SKILL.md LLM agent skills with deterministic security findings.

Code Analysis

5 files read · 2 rounds

This project implements a secure, configurable security policy engine that validates rule overrides against severity constraints and generates deterministic configuration fingerprints for cache invalidation.

Strengths

The code demonstrates excellent separation of concerns with distinct modules for validation, fingerprinting, and effective state resolution. Error handling is robust, specifically validating logical consistency (min <= max) and raising appropriate exceptions. The use of typed dataclasses and sorted keys ensures deterministic behavior essential for caching.

Weaknesses

While the core logic is sound, the project appears to be a configuration layer rather than a full application with complex algorithms. Test coverage seems limited to unit tests for specific functions without integration tests covering the full pipeline.

Score Breakdown

Innovation
5 (25%)
Craft
81 (35%)
Traction
20 (15%)
Scope
83 (25%)

Signal breakdown

Innovation

Not Fork: +1
Code Novelty: +1
Concept Novelty: +2

Craft

CI: +5
Tests: +8
Polish: +3
Releases: +3
Has License: +5
Code Quality: +26
Readme Quality: +12
Recent Activity: +7
Structure Quality: +5
Commit Consistency: +2
Has Dependency Mgmt: +5

Traction

Forks: +0
Stars: +12
HN Points: +0
Watchers: +3
Early Traction: +5
Devto Reactions: +0
Community Contribs: +0

Scope

Commits: +8
Languages: +5
Subsystems: +10
Bloat Penalty: +0
Completeness: +7
Contributors: +5
Authored Files: +15
Readme Code Match: +3
Architecture Depth: +7
Implementation Depth: +8

Evidence

Commits

72

Contributors

1

Files

204

Active weeks

4

Tests · CI/CD · README · License · Contributing

Repository

Language

Python

Stars

8

Forks

0

License

MIT