operator-scorecard

Synthesizes weekly agent performance and community growth into a concise scorecard, answering if the week was productive.

Install this skill

or

20/100

Security score

The operator-scorecard skill was audited on Jun 15, 2026 and we found 8 security issues across 1 threat category, including 4 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

high line 8

Template literal with variable interpolation in command context

SourceSKILL.md

8	> ${var} — Optional. Pass `dry-run` to skip the notification (article + JSON spec still write). Pass an integer N to override the window (default 7 days = 168h). Empty = run normally on the 7-day

high line 36

Template literal with variable interpolation in command context

SourceSKILL.md

36	- If `${var}` matches `^dry-run` → `MODE=dry-run`. Strip the prefix; remainder treated as window override.

high line 94

Template literal with variable interpolation in command context

SourceSKILL.md

94	Path: `articles/operator-scorecard-${today}.md`. Overwrite if exists (idempotent same-day reruns).

medium line 96

Template literal with variable interpolation in command context

SourceSKILL.md

96	```markdown

medium line 144

Template literal with variable interpolation in command context

SourceSKILL.md

144

```json

medium line 201

Template literal with variable interpolation in command context

SourceSKILL.md

201

```

high line 221

Template literal with variable interpolation in command context

SourceSKILL.md

221	### 9. Log to `memory/logs/${today}.md`

medium line 223

Template literal with variable interpolation in command context

SourceSKILL.md

223

```

Scanned on Jun 15, 2026

View Security Dashboard

Installation guide →

GitHub Stars 14

Rate this skill

Categorymarketing

UpdatedJune 15, 2026

frontend git api testing growth-marketer marketing-analyst product-manager marketing product

aaronjmars/miroshark-aeon