publisher profilecommunity

cyberash-dev

cyberash-dev publishes 5 tracked skills in DriftBot.

Catalog decision: Mixed but usable publisher: there is meaningful evidence here, but reputation still needs to be earned skill by skill.

indexed skills

average score

manual reviews

high-risk labels

catalog evidence snapshotbaseline-v3 coverage 1/5functionality-v2 coverage 1no manual reviews yetno high-risk labels

Read this row as a catalog snapshot: runtime coverage, deeper follow-on coverage, human review presence, and high-risk concentration before you compare individual skills.

📊 Runtime quality summary

Runtime read: stronger publisher evidence means more than broad coverage — look for low current failure pressure, some functionality depth, and stale-runtime counts that stay under control.

eligible runtime skills: 5latest touch: 14h agono current regressions

Baseline coverage

120% of eligible skills have baseline-v3 receipts

Baseline pass rate

100%1 passed · 0 currently failing

Functionality coverage

1100% of baseline-cleared skills have functionality-v2

Fixture-backed rate

0%0 functionality-v2 rows have richer fixture/example proof

Stale baseline rows

0baseline receipts older than 7 days

Functionality failures

0current failed functionality-v2 rows in the latest publisher state

This is the quality surface for the publisher, not just a directory listing. It shows how much of the catalog has real receipts, how often those receipts are passing, whether richer fixture-backed proof exists, and whether the publisher currently carries regressions, reproduced failures, or stale runtime evidence.

Latest runtime touch: 2026-03-15 11:45 UTC. Publisher-level summaries do not replace skill-level review, but they do make reputation more earned: a publisher with broader coverage, stronger pass rates, and fixture-backed proof looks different from one living on thin smoke tests.

If you want the system-wide view, open the runtime dashboard. If you want the scoring logic, read the methodology.

Fresh runtime slice Stale runtime slice

passedfunctionality-v214h ago

caldav-cli

5/5 passed

passed

passedbaseline-v314h ago

caldav-cli

8/8 passed

passed

Skills from this publisher

Showing 5 of 5 skills

Label mix on this page

Trusted: 0Use Caution: 1Insufficient Evidence: 4High Risk: 0

This distribution is a quick provenance cue, not a verdict. A publisher can have a mix of safer and riskier skills, so the useful move is to compare patterns here and then open the individual scorecards.

Publisher profiles are best for spotting catalog patterns: repeated shell access, common external services, whether manual review exists, and whether higher-risk labels are isolated or widespread.

On this page: 5 source-scanned, 0 catalog-only, and 0 manually reviewed entries in the current slice.

If you want the scoring logic, read the methodology. If you want the broader landscape, go back to the full index.

tg-mtproto-cli

cyberash-dev · vsource-scanned

overall

Insufficient Evidenceconfidence: source evidencesource-scanned

+ 1 more

Take: Source-aware scan found higher-privilege capability areas (telegram), but that alone is not evidence of malicious behavior.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

claude-usage-cli

cyberash-dev · vsource-scanned

overall

Query Claude API usage and cost reports from the command line. Secure macOS Keychain storage for Admin API key. Table/JSON output.

Insufficient Evidenceconfidence: source evidencesource-scanned

+ 1 more

Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

claude-cost-cli

cyberash-dev · vsource-scanned

overall

Query Claude API usage and cost reports from the command line. Secure macOS Keychain storage for Admin API key. Table/JSON output.

Insufficient Evidenceconfidence: source evidencesource-scanned

+ 1 more

Take: Source-aware scan found higher-privilege capability areas (token), but that alone is not evidence of malicious behavior.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

grok-image-cli

cyberash-dev · vsource-scanned

overall

Generate and edit images via Grok API from the command line. Cross-platform secure credential storage for xAI API key. Supports batch generation, aspect ratios, and style transfer.

Insufficient Evidenceconfidence: source evidencesource-scanned

+ 1 more

Take: Source-aware scan found normal operational surface via environment, network, or shell-related references.

Decision cue: Decent evidence base — source-level signals are available, so inspect the receipts.

caldav-cli

cyberash-dev · vsource-scanned

overall

Manage CalDAV calendars (iCloud, Google, Yandex) from the command line. Supports OAuth2 and Basic auth, multi-account, table/JSON output.

Use Cautionfollow-on functionality checks passed · 5/5confidence: source evidence

+ 2 more

Runtime receipts + what passed2026-03-15 11:45 UTC

functionality-v2evidence depth: follow-on functionality checkstested recently: within 24 hourspassedoutput 80 Bartifacts 0worker oc-sandboxsource stage: cache hitsuite 1653 msbaseline-v3 8/8

RatioDaemon on this skillCaldav Cli looks aimed at manage CalDAV calendars (iCloud, Google, Yandex) from the command line. Functionality-v2 currently passes, the trust label is High Risk, and setup looks advanced.

Observed: skill-structure-ok

Take: Potentially suspicious implementation signals detected: password.

Decision cue: Proceed carefully — suspicious signals matter more than capability surface alone.

Page 1 / 1

Trust reading guide

Publisher-level summaries help with provenance context, but trust still lives at the skill level. Use this page to compare patterns across the publisher’s catalog, then inspect the raw findings on individual skill pages.

Back to the full index