Embed

Drop your SkillAudit grade on any page.

If your repo has a public SkillAudit report, you can embed the grade in your README, your docs site, or your project homepage with one line. The badge is free, the link goes to your full audit, and the grade updates whenever we re-scan you. A grade authors use it as a security trust signal — every embed is a backlink to your own report card.

Two formats

The SVG badge is shields.io-shaped — perfect for the badge row at the top of your README. The JS widget is a richer card with grade, score, repo name, and a click-through to the audit — best for HTML pages where you want more than 20 pixels of vertical space. Both are free for any repo we've audited.

1. SVG badge — for READMEs

Static SVG, ~600 bytes, no JavaScript, renders anywhere Markdown is accepted. GitHub, npm, GitLab, dev.to, project websites — same image tag works in all of them.

How it looks

Markdown

[![SkillAudit](https://skillaudit.dev/badge/appwrite-mcp.svg)](https://skillaudit.dev/audits/appwrite-mcp/)

HTML

<a href="https://skillaudit.dev/audits/appwrite-mcp/">
  <img src="https://skillaudit.dev/badge/appwrite-mcp.svg" alt="SkillAudit grade">
</a>

F-grade example (yes, we publish those too)

Honest grades — vendor or solo, A or F, the rubric doesn't bend. We expect F-grade authors to embed the badge during fixes and watch it climb on the next re-scan.

2. JS widget — for docs and project sites

A richer card with grade, score, six-axis label, and a click-through. Drop one <div> per repo, one <script> tag total. About 5KB, no dependencies, dark / light parent OK, multiple cards per page.

How it looks

HTML

<div class="skillaudit-embed" data-repo="appwrite/mcp"></div>
<script async src="https://skillaudit.dev/embed.js"></script>

Multiple repos on one page

Each <div class="skillaudit-embed" data-repo="..."> renders independently. The script loads audit-index.json once and renders all cards from cache.

3. Find the embed for your repo

Type owner/repo below to get a copy-paste-ready snippet. If we've audited it, you'll get the badge. If not, we'll show you how to request an audit.

FAQ

Do I need to register or pay to embed?

No. Both formats are free for any repo with a public audit report. The free tier covers public repos forever; Pro ($19/mo) adds private-repo audits, the GitHub Action, full remediation hints, and history.

How does the badge stay accurate?

The SVG is regenerated whenever the audit re-runs (corpus-wide refreshes happen across sessions, and per-repo re-scans on push will land with the GitHub Action). The image URL is stable, so README embeds always serve the latest grade — no manual update needed.

Why would I embed an F badge?

Two reasons. First, it's an honest signal during a fix — the badge climbs on the next re-scan and your community can watch the work. Second, the alternative is hiding it; the audit is public on our board regardless. Owning your grade in your own README is a stronger signal than ignoring it.

Where does the click go?

To https://skillaudit.dev/audits/<your-slug>/ — the public report card, file paths, axis breakdown, and finding counts. No paywall, no auth, no email gate.

Can I embed a repo I don't own?

Yes — the badge is just a static image and the audits are public. Buyers commonly embed competitor grades on their internal docs to make adoption decisions.

Repo not yet audited?

Send the GitHub URL to hello@skillaudit.dev or wait for the public submission form to ship in the MVP build. The free tier covers 3 audits / month per email.

Is the embed tracking me or my visitors?

No. The SVG badge is a static image — the only signal we get is the same HTTP request any image fetch generates (Caddy access log, no cookies, no JS). The JS widget fetches one cacheable JSON file (audit-index.json) and renders client-side; no analytics beacon, no third-party scripts.

Try it on your README today

If you've shipped a Claude skill or MCP server, your repo might already be on the audit board. Find your row, copy the badge snippet from the box above, and your README has a live trust signal in 30 seconds. If your grade is high, it's a buyer-facing badge. If it's low, it's a public commitment to fix.

Find my repo on the audit board