Ālo Labs

Executes CompareSkills evaluation. Scores candidates on capability, security, popularity, and recency. Writes comparison-{hash}.json to ~/.topgun/.

Executes FindSkills discovery work. Queries skill registries, normalizes results, and writes found-skills-{hash}.json to ~/.topgun/.

Executes InstallSkills work. Installs secured skill via /plugin install with local-copy fallback. Verifies installation and updates registry.

Executes SecureSkills audit loop. Invokes bundled SENTINEL v2.3.0, fixes findings, verifies SHA-256 integrity, and produces secured copy.

Sub-skill of TopGun. Evaluates skill candidates across capability, security, popularity, and recency dimensions. Not normally invoked directly. The topgun orchestrator dispatches this via the topgun-comparator agent.

Sub-skill of TopGun. Searches skill registries and returns structured candidate manifests. Not normally invoked directly. The topgun orchestrator dispatches this via the topgun-finder agent.

Sub-skill of TopGun. Installs a secured skill via /plugin install with local-copy fallback. Not normally invoked directly. The topgun orchestrator dispatches this via the topgun-installer agent.

Sub-skill of TopGun. Security-audits a skill via the bundled SENTINEL skill at $CLAUDE_PLUGIN_ROOT/skills/sentinel/SKILL.md, fixes findings, and produces a secured copy. Not normally invoked directly. The topgun orchestrator dispatches this via the topgun-securer agent.

SENTINEL — a comprehensive security audit skill for Claude Skills. Performs red-team/blue-team analysis on any SKILL.md (and its bundled scripts, hooks, and references), producing a formal vulnerability report with CVSS-scored findings, proof-of-concept payloads, a risk matrix, hardened rewrites, and CI/CD gate recommendations. Use this skill whenever the user asks to: audit a skill for security, pentest a skill, red-team a skill, harden a skill, review a skill's attack surface, check a skill for prompt injection vulnerabilities, or assess the safety of a skill before deployment. Also trigger when the user mentions "security review", "vulnerability scan", "threat model", or "OWASP" in the context of a Claude Skill. Even if the user just says "is this skill safe?" or "check this skill" — if a SKILL.md is involved, this is the right tool.

This skill should be used when the user asks to "find a skill", "find the best skill for", "search skill registries", "install a skill safely", or mentions /topgun. Orchestrates FindSkills, CompareSkills, SecureSkills, and InstallSkills sub-agents to discover, evaluate, audit, and install the best available Claude Code skill for any job.