Best AI Skill for any Job — Security Assured
Agentic AI Skills Finder and Security Enforcer
Use TopGun to get the job done — the best AI skills in the world discovered, security scanned and cleared. TopGun searches 16 active skill registries, ranks every candidate across four dimensions, runs a SENTINEL security audit until clean, and installs the winner — automatically.
Every manual skill install is a gamble. You don't know if there's a better option, if the code is safe, or if a newer version exists. TopGun eliminates that gamble completely.
You pick what you know, not what fits. Better options exist across dozens of registries you've never searched.
No audit means trusting random code with full tool access. Any SKILL.md could exfiltrate data or phone home.
skills.sh, GitHub, npm, Smithery — impossible to manually check all. You miss the best option every time.
Installed skills run with whatever allowed-tools they declare. No hash checking. No integrity guarantees.
Every /topgun invocation runs the full pipeline. No shortcuts.
Searches 16 active registries in parallel — skills.sh, Smithery, GitHub, npm, GitLab, LobeHub, and more. Normalizes every result to a unified schema, deduplicates by contentSha, and produces a ranked candidate list.
Scores every candidate across four weighted dimensions: capability match (55%), security posture (20%), popularity (15%), and recency (10%). Capability is decomposed into a domain-specific 5-sub-criterion rubric synthesized from the candidate field. A capability floor demotes low-fit candidates; the composite score selects the winner.
Runs bundled SENTINEL v2.3.0 against the top candidate. Requires 2 consecutive clean passes. Applies fixes between passes. Aborts if SHA-256 hash mismatches between passes.
Presents a full audit manifest for user approval. On approval, installs via /plugin install with local-copy fallback if the plugin system has a known bug.
FindSkills queries every major skill registry in parallel. No manual searching required.
claude-skill — broad community coverage@claude-skill scoped packages with semver versioningEvery skill is audited by bundled SENTINEL v2.3.0 before installation. No exceptions. No overrides.
All external skill content is wrapped in a structural envelope before injection into agent context, preventing prompt injection attacks.
Rejects any SKILL.md containing curl, wget, or fetch in executable sections.
SENTINEL runs until it returns zero findings on two consecutive independent passes. No single-pass shortcuts are allowed.
SHA-256 hash of the skill content is verified between passes. Any mismatch triggers an immediate pipeline abort.
Install TopGun once. From that point forward, every skill you need is one command away — always the best available, always audited.
TopGun is free, open-source, and available now. One install gives you access to every skill registry on the planet — with a security audit on every result.