Above average — notable defaults or data retention policies worth reviewing before wider use. See .
⚠The team behind this tool is not publicly identified — anonymous authorship is a significant trust risk.
No privacy policy or ToS exists anywhere on the site or GitHub, and the project is maintained by a solo teenage developer with no legal entity — both meaningful gaps before any team or enterprise adoption.
Score Summary
Claim Accuracy4/5
Data & Privacy3/5
Security Posture3/5
Transparency3/5
Key Findings
›No privacy policy, no terms of service, and no legal entity of any kind could be found at tasteskill.dev or on GitHub — the site is operated by a private individual with no corporate wrapper. Source: full fetch of https://www.tasteskill.dev/ and https://www.tasteskill.dev/docs returned zero links to /privacy or /terms.
›The tool is MIT-licensed and fully open-source; SKILL.md files are plain Markdown and can be inspected, forked, or self-hosted without any cloud dependency. Source: https://www.tasteskill.dev/llms.txt.
›Installation via 'npx skills add Leonxlnx/taste-skill' fetches from the main branch with no version pinning or lockfile, exposing users to silent upstream changes — a documented supply-chain risk class affecting the entire SKILL.md ecosystem. Source: https://pavel.pink/blog/pixi-skills/ and https://snyk.io/articles/skill-md-shell-access/.
›The GitHub repository (https://github.com/Leonxlnx/taste-skill) shows a single contributor, 10k stars, 970 forks, 61 commits, and only 1 open issue — active but entirely single-maintainer with no bus-factor mitigation.
›The changelog (https://www.tasteskill.dev/changelog) clearly labels brutalist-skill as Beta and v2 as unreleased, indicating honest staging of experimental content. Stable skills are appropriately marked.