Security scanner and skill registry for agent tool descriptions
Project description
brunnr
The well agents drink from.
Security scanner and skills marketplace for Claude Code.
Beneath the world tree there is a well. Odin gave an eye to drink from it.
Your agent won't need to. We bottled the water.
What this is
brunnr is a security scanner and skills marketplace for Claude Code.
- Scan — a deterministic, zero-dependency scanner that checks SKILL.md files for prompt injection, credential theft, data exfiltration, supply chain poisoning, and 4 other threat classes. No LLM in the scan loop.
- Install — fetch skills from the registry with review-before-install defaults. You see what you're installing before it touches your project.
- Eval — validate skill quality by running test fixtures against Claude. Structured assertions on scores, format, and criteria.
- Pipeline — scan + eval in one command with CI-ready exit codes.
Install
Option 1 — Claude Code (recommended)
# Add the brunnr marketplace
/plugin marketplace add Peleke/brunnr
# Install a skill
/plugin install ax-rubric@brunnr-skills
# Use it
/ax-rubric
Option 2 — CLI
# uv (recommended)
uv tool install brunnr
# or pipx
pipx install brunnr
# or pip
pip install brunnr
# Install a skill from the registry
brunnr install ax-rubric
# Scan your skills for threats
brunnr scan skills/
# Run the eval harness
brunnr eval ax-rubric --dry-run
Skills
| Skill | What it does | Based on |
|---|---|---|
| ax-rubric | Score tool descriptions 0-5 on agent discoverability. Five criteria, pass/fail, rewrite. | I Don't Deliberate About This |
More skills coming. Each one ships alongside an article in the AX series.
Why "brunnr"
Old Norse brunnr: well, spring.
As in Mímisbrunnr — the Well of Mímir beneath Yggdrasil. Odin sacrificed an eye to drink from it and gain wisdom. The well doesn't give you answers. It gives you the capacity to see what was always there.
Your agent doesn't need to sacrifice anything. It just needs tool descriptions that don't waste its context window.
Contributing
Have an agent-facing tool? Run /ax-rubric on your own descriptions first. If they score 4+, you're ahead of 90% of the field.
Want to add a skill? Open a PR. The rubric applies to skill descriptions too.
License
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file brunnr-0.1.2.tar.gz.
File metadata
- Download URL: brunnr-0.1.2.tar.gz
- Upload date:
- Size: 1.5 MB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ffd5045041efce23e78e608fccc72529e37e2af5846b8cf995869fbd9f43e907
|
|
| MD5 |
e5208586aa7e95c1380ceb9d581c41f8
|
|
| BLAKE2b-256 |
6f60ffdcc22eb360a55bcd0d28fc14ee0659b56e0a6a9c0f63745d325e3a2201
|
Provenance
The following attestation bundles were made for brunnr-0.1.2.tar.gz:
Publisher:
publish.yml on Peleke/brunnr
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
brunnr-0.1.2.tar.gz -
Subject digest:
ffd5045041efce23e78e608fccc72529e37e2af5846b8cf995869fbd9f43e907 - Sigstore transparency entry: 1088472828
- Sigstore integration time:
-
Permalink:
Peleke/brunnr@a378cfa3b4be4c75620e57b826d0a6184ed88404 -
Branch / Tag:
refs/tags/v0.1.2 - Owner: https://github.com/Peleke
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@a378cfa3b4be4c75620e57b826d0a6184ed88404 -
Trigger Event:
push
-
Statement type:
File details
Details for the file brunnr-0.1.2-py3-none-any.whl.
File metadata
- Download URL: brunnr-0.1.2-py3-none-any.whl
- Upload date:
- Size: 19.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
acf1fe6851ccfce1b6038798eb29da6200d11b5780c6c826790a669850a000c1
|
|
| MD5 |
62d52871f503a32b10b2db10aa70baa1
|
|
| BLAKE2b-256 |
5188abe784001d25f04200276d36970a0ffa3e39c238de0c26e27d27c8263dcd
|
Provenance
The following attestation bundles were made for brunnr-0.1.2-py3-none-any.whl:
Publisher:
publish.yml on Peleke/brunnr
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
brunnr-0.1.2-py3-none-any.whl -
Subject digest:
acf1fe6851ccfce1b6038798eb29da6200d11b5780c6c826790a669850a000c1 - Sigstore transparency entry: 1088472860
- Sigstore integration time:
-
Permalink:
Peleke/brunnr@a378cfa3b4be4c75620e57b826d0a6184ed88404 -
Branch / Tag:
refs/tags/v0.1.2 - Owner: https://github.com/Peleke
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@a378cfa3b4be4c75620e57b826d0a6184ed88404 -
Trigger Event:
push
-
Statement type:
