10 Fastest-Growing GitHub Repos
Verified Deep-Dive & Security Audit
An Instagram carousel by "Syntaix AI" listed the 10 fastest-growing GitHub repos of the week. We identified each one, cloned all of them locally, analyzed what they actually are and how to use them, and ran both an automated pattern scan and a manual security review on every codebase.
The one-screen verdict
| # | Repo | What it is | Stars (actual) | License | Risk | Worth it? |
|---|---|---|---|---|---|---|
| 1 | mvanhorn/last30days-skill | Multi-platform research skill for AI agents | 52,715 | MIT | Medium | Yes — with scoped keys |
| 2 | headroomlabs-ai/headroom | LLM token/context compression proxy | 59,886 | Apache-2.0 | Medium | Yes — real savings |
| 3 | NousResearch/hermes-agent | Self-improving personal AI agent | 217,009 | MIT | Medium† | Yes — sandboxed only |
| 4 | Leonxlnx/taste-skill | Anti-"AI slop" frontend design skills | 65,058 | MIT | Low | Yes — install today |
| 5 | microsoft/markitdown | Any file → Markdown for LLM pipelines | 167,188 | MIT | Low | Yes — de facto standard |
| 6 | Panniantong/Agent-Reach | Social/web read-access layer for agents | 57,889 | MIT | Medium | Maybe — burner accounts |
| 7 | lfnovo/open-notebook | Self-hosted NotebookLM alternative | 35,728 | MIT | Medium | Yes — localhost only |
| 8 | santifer/career-ops | AI job-search command center | 60,558 | MIT | Medium | Yes — review every submit |
| 9 | "container" | Claimed second-brain app — does not exist | — | — | Not found | No — likely fabricated |
| 10 | phuryn/pm-skills | 68 product-management skills for Claude | 23,990 | MIT | Low | Yes — prompt-only, safe |
† Medium when deployed as documented (Docker/VPS + allowlists); High if installed carelessly on your main machine. Stars fetched live from the GitHub API on 2026-07-19.
◈The IG post vs reality
Before trusting any viral repo list, verify it. Here is what checking this one found:
- The star counts in the post are not the repos' star counts. The post says "+12.4K stars" for last30days-skill — the repo actually has 52,715. hermes-agent is listed at "+10.7K" but sits at 217,009. The numbers roughly match stars gained recently, so "+X stars this week" is the only honest reading — the slides never say that.
- One of the ten repos appears to not exist. #9 "Container" (an "AI second brain") could not be found on GitHub by name, description, or feature set — see the #9 section.
- One repo is mis-described. #7 open-notebook is called a "Jupyter alternative you can run anywhere." It is not a Jupyter alternative — it is a Google NotebookLM alternative (research sources + AI chat + podcast generation). No code cells, no kernels.
- The rest check out. Nine of ten are real, actively maintained, permissively licensed projects — several genuinely excellent.
#1last30days-skill
Medium riskgithub.com/mvanhorn/last30days-skill
What it is
An Agent Skill (Claude Code, Codex, Cursor, Gemini CLI…) that adds a /last30days <topic> command. It fan-out searches ~20 sources — Reddit, X, YouTube, TikTok, Hacker News, Polymarket, GitHub, arXiv — for the last 30 days, ranks results by real engagement (upvotes, likes, prediction-market money), and synthesizes one cited brief. Reddit/HN/Polymarket/GitHub work with zero API keys.
What's inside
skills/last30days/SKILL.md— a 2,148-line runtime spec the agent follows (setup wizard, flows, flags)scripts/last30days.py+ ~100 modules inscripts/lib/— per-source clients, pipeline, fusion, renderingstore.py/watchlist.py/briefing.py— recurring trend monitoring with Slack/webhook deliverymcp/— Go MCP server builds for Claude Desktop; multi-host plugin manifests for Claude/Codex/Grok
Install & use
/plugin marketplace add mvanhorn/last30days-skill # Claude Code
/plugin install last30days
npx skills add mvanhorn/last30days-skill -g # Codex / Cursor / Gemini
/last30days claude code skills # then just ask
How you can use it
- Pre-meeting dossiers on a person/company: recent X posts, GitHub activity, podcast mentions
- Competitive comparisons with live stars + community sentiment (
X vs Y,--competitors) - Content research: what Reddit/X actually says about a niche this month, before you write
- Per-client scheduled trend monitoring via
--store+ watchlists
Security
- Secrets handled well: keys in
~/.config/last30days/.envwritten 0600, or macOS Keychain; noeval/shell=True; XSS-hardened HTML output; OpenSSF Scorecard CI. - Caution: keyless web fetch proxies URLs through
r.jina.ai(third party sees your queries); optional publishing uploads briefs toapi.ht-ml.app; the setup wizard executes a pinned npm package vianpx; it can (with consent) decrypt X.com cookies from your local Chrome profile. - Prompt injection gap: its whole job is piping untrusted social-media text into your agent's context — and SKILL.md contains no injection warning or mitigations.
Verdict: unusually well-engineered for a viral skill; install it, but use throwaway/scoped API keys and decline browser-cookie access unless you need X results.
#2headroom
Medium riskgithub.com/headroomlabs-ai/headroom
What it is
A local "context compression layer" that sits between your AI agent (Claude Code, Codex, Cursor…) and the LLM API, shrinking tool outputs, logs, JSON and history before they're sent — claiming 60–95% fewer tokens on JSON-heavy content with the same answers. Compression is reversible: originals are cached locally and the model can query them back.
What's inside
headroom/— Python library: SmartCrusher (JSON), AST CodeCompressor (6 languages), Kompress-v2 ML text compressorheadroom/proxy/— FastAPI localhost reverse proxy with ~100 policy modules (auth, redaction, caching)headroom/ccr/— reversible-compression store + MCP server;crates/— Rust core rewrite- TypeScript SDK, Claude Code hooks, opencode/openclaw plugins, benchmark suite
Install & use
uv tool install --python 3.13 "headroom-ai[all]"
headroom wrap claude # launches Claude Code through the compression proxy
headroom doctor && headroom dashboard
headroom unwrap claude # undo
How you can use it
- Cut Claude Code / Codex API bills (~15–20% typical, more on JSON-heavy tool output) with one command
- Compress RAG chunks / scraper output inline via
compress(messages)in your pipelines - Fit longer working sessions into the context window before compaction kicks in
Security
- By design it MITMs all your LLM traffic (localhost only). Auth headers are redacted from debug captures; telemetry is local-only and the old phone-home beacon was removed; an
HEADROOM_OFFLINEair-gap switch exists. - Caution: cached originals live unencrypted in
~/.headroom/ccr_store.db— every tool output your agent ever produced, in plaintext SQLite. Treat that folder as sensitive. - Caution: loads HuggingFace tokenizers with
trust_remote_code=True, and[all]pulls 269 locked packages (torch, transformers…) — a big supply-chain surface. Maintainer is attentive (proactively excluded a compromised dependency release).
Verdict: real savings for heavy Claude Code/Codex users; adopt it, skip [all] extras you don't need, and protect ~/.headroom.
#3hermes-agent
Medium† riskgithub.com/NousResearch/hermes-agent
What it is
Nous Research's open-source "self-improving" personal AI agent — the biggest repo on this list. A Python agent loop with a terminal UI plus a gateway that lets you talk to it from Telegram, Discord, Slack, WhatsApp, Signal, email and ~25 other channels. It writes its own skills from experience, keeps long-term memory about you, runs cron automations, and executes shell commands on local machine, Docker, SSH or cloud sandboxes. Model-agnostic.
What's inside
agent/— core loop: context engine, memory manager, skill creation/curation, secret redactiongateway/+plugins/platforms/— ~29 messaging connectors, DM pairing, webhooks, API servertools/— 40+ tools; six terminal backends (local, Docker, SSH, Singularity, Modal, Daytona)skills/— bundled skill library +skills_guard.pyscanner; cron scheduler; desktop app + TUI
Install & use
curl -fsSL https://hermes-agent.nousresearch.com/install.sh | bash # install.ps1 on Windows
hermes setup && hermes # wizard, then terminal chat
hermes gateway setup && hermes gateway start # then message your bot on Telegram
How you can use it
- Always-on assistant on a cheap VPS you message from Telegram — research, drafting, file wrangling
- Scheduled automations: daily client reports, backup checks, weekly repo audits delivered to Slack/Discord
- A trainable "ops person" that builds reusable skills for your recurring workflows
Security
- Better hygiene than most in its class: credentials 0600 in
~/.hermes/auth.json, env scrubbed from subprocesses, unknown chat users must pair with owner-approved codes, HTTP surfaces default to loopback, no first-party telemetry (it even disables a dependency's PostHog). - Caution: the default terminal backend is
local— LLM-generated shell commands run directly on your machine, and internet-facing chat channels feed it input. This is the same exposure class that produced real-world OpenClaw incidents; Hermes documents it honestly and ships containment options, but the defaults are permissive. - Caution: skills execute arbitrary Python at import time, and scanning of agent-created skills (
skills.guard_agent_created) is off by default. Optional cloud memory (Honcho/mem0) ships your user model to third parties.
Verdict: genuinely capable and honest about its trust model — run it in Docker or on a disposable VPS with allowlists, never bare on your main machine. † High risk if installed carelessly.
#4taste-skill
Low riskgithub.com/Leonxlnx/taste-skill · tasteskill.dev
What it is
A pack of 13 portable Agent Skills — pure markdown instruction files that steer Claude Code / Codex / Cursor away from generic "AI slop" frontends. They encode opinionated design rules: typography, layout variance, motion direction, banned clichés (centered hero, purple gradients, Inter-everywhere). No runtime code at all.
What's inside
design-taste-frontend(v2, 1,207 lines) — flagship: brief inference, VARIANCE/MOTION/DENSITY dials, design-system mapping, canonical GSAP ScrollTrigger skeletons, pre-flight checksgpt-taste— stricter GPT/Codex variant;redesign-skill— audit-first refresh of existing UIssoft-skill/minimalist-skill/brutalist-skill— fixed aesthetic directionsoutput-skill— anti-truncation (bans// TODOplaceholders);imagegen-web/mobile,brandkit— image-prompt skills for mockup boards
Install & use
npx skills add https://github.com/Leonxlnx/taste-skill --skill "design-taste-frontend"
# then prompt normally — the skill auto-triggers, states a "Design Read", ships code
How you can use it
- Drop into Vite/React client projects so landing pages stop looking AI-generated — its GSAP pin/scrub skeletons slot straight into a ScrollTrigger workflow
brandkit+imagegen-frontend-webfor client-facing mockups and brand boards before writing coderedesign-skillas a protocol for paid "refresh this site" jobs
Security
- Prompt-only: the only scripts are a trivial path-echo
skill.shand README asset-resizing helpers that never run at install/use time. - Scanned clean: no injection directives, no zero-width/hidden characters, no network calls, no data exfiltration. The only "installs" it ever suggests are mainstream npm design systems (shadcn, Fluent, Carbon).
Verdict: safe and genuinely good — one of the two repos on this list you can install today with no precautions. Best for marketing sites and portfolios, not data-heavy dashboards.
#5markitdown
Low riskgithub.com/microsoft/markitdown
What it is
Microsoft's (AutoGen team) utility that converts almost any file — PDF, Word, Excel, PowerPoint, images, audio, HTML, ZIP, YouTube URLs — into structured Markdown optimized for LLM consumption. Preserves headings, tables and links; prioritizes token-efficiency over pixel fidelity. The de facto standard doc-to-Markdown tool.
What's inside
packages/markitdown— core library + CLI with per-format converters (pdfminer, mammoth, openpyxl, python-pptx…)packages/markitdown-mcp— MCP server exposingconvert_to_markdown(uri)to Claude Desktop/Codepackages/markitdown-ocr— LLM-vision OCR plugin for images embedded in documents- Optional Azure Document Intelligence integration and LLM image captioning
Install & use
pip install 'markitdown[all]'
markitdown client-brief.pdf -o brief.md
pip install markitdown-mcp && markitdown-mcp # give Claude "read any document"
How you can use it
- RAG ingestion: normalize client PDFs/Office docs to Markdown before chunking/embedding
- Feed briefs, spreadsheets and decks into Claude context without manual copy-paste
- Bulk-migrate legacy docs (Outlook MSG, old XLS, EPub) into Markdown knowledge bases
Security
- Clean codebase: no telemetry, no eval/exec, XML parsed via defusedxml (XXE mitigated), plugins disabled by default, known-CVE ExifTool versions refused.
- Caution (server use only):
convert()happily fetcheshttp:/file:URIs with no filtering — wrapping it in an internet-facing service creates an SSRF/local-file-read surface. Useconvert_local()/convert_stream()and gate inputs. ZIP handling has no bomb protection.
Verdict: adopt without hesitation for local/CLI use; just never expose raw convert() to untrusted input on a server.
#6agent-reach
Medium riskgithub.com/Panniantong/Agent-Reach
What it is
An installer/health-checker/router that gives AI agents read & search access to 13+ platforms — Twitter/X, Reddit, YouTube, GitHub, Bilibili, XiaoHongShu, LinkedIn, RSS — with "zero API fees." It doesn't scrape anything itself: it installs upstream open-source CLIs (yt-dlp, twitter-cli, gh…) and teaches your agent to call them directly.
What's inside
cli.py(1,834 lines) — install/doctor/configure; auto-installs gh, Node.js, yt-dlp, twitter-cli, bili-cli, rdt-clichannels/— per-platform probes with ordered fallback backends; generic web reads via Jina Readercookie_extract.py— pulls Twitter/XHS/Bilibili cookies from your local browser to authenticate scrapingskill/SKILL.md— instructions installed into your agent's skills directory
Install & use
pipx install https://github.com/Panniantong/agent-reach/archive/main.zip
agent-reach install --safe --dry-run # see what it would change first
agent-reach install --channels=reddit,youtube
agent-reach doctor
How you can use it
- Social listening: brand/product sentiment across Twitter, Reddit, XiaoHongShu from one prompt
- Content research: YouTube/Bilibili transcript summaries, podcast-to-text, RSS monitoring
- China-market research (XHS reviews, Bilibili, Xueqiu) without Chinese-app friction
Security
- No malware or telemetry found; credentials stored locally with 0600 permissions; update checks hit GitHub only.
- Caution: heavy third-party trust delegation — every generic URL you read routes through Jina's
r.jina.ai, all web searches go to Exa's hosted MCP, podcast audio uploads to Groq. Those services see your queries. - Caution: the installer executes NodeSource's setup shell script (curl-then-bash as root, in effect), installs itself from an unpinned
main.zip, and the recommended flow — "paste this URL to your agent" — has your agent fetch and obey remote instructions. Whoever controls that repo controls future installs. - Caution: cookie-based scraping of X/Reddit/Meta violates their ToS; the README itself advises burner accounts. Cookies can also transit an optional third-party residential proxy.
Verdict: useful research glue, but run it with --safe, burner accounts, and ideally in a sandbox/VM — never with your main-account cookies.
#7open-notebook
Medium riskgithub.com/lfnovo/open-notebook
What it is
A privacy-first research assistant you run yourself: collect sources (PDFs, web pages, video/audio), chat with them, generate notes and multi-speaker podcasts. Works with 18+ AI providers (OpenAI, Anthropic, Ollama, LM Studio…) so you're not locked to Google — or to the cloud at all.
What's inside
- FastAPI REST API (port 5055, ~24 routers) + Next.js web UI (port 8502) + SurrealDB (port 8000)
- Podcast engine: 1–4 custom speakers with episode/speaker profiles
- "Transformations" — AI content pipelines (summaries, insights) + background worker for embeddings
- Optional Docling OCR and Crawl4AI scraping for ingestion
Install & use
curl -O https://raw.githubusercontent.com/lfnovo/open-notebook/main/docker-compose.yml
# EDIT: set OPEN_NOTEBOOK_ENCRYPTION_KEY + OPEN_NOTEBOOK_PASSWORD
docker compose up -d # UI at http://localhost:8502, API docs at :5055/docs
How you can use it
- Private research vault per project — chat and search across dumped docs/videos/articles
- Per-client knowledge bases with REST-API automation into your own tooling
- Turn research into multi-speaker podcast episodes; run fully local via Ollama for zero API spend
Security
- Good bones: provider API keys encrypted at rest (Fernet), no telemetry, SSRF guard blocks cloud-metadata IPs, private vulnerability reporting policy.
- Caution: the web UI and API are unauthenticated by default — auth only activates if you set
OPEN_NOTEBOOK_PASSWORD. Compose ships SurrealDB asroot:rootand a placeholder encryption key. CORS is wide open. Fine on localhost; dangerous if you port-forward or host it unhardened.
Verdict: the best self-hosted NotebookLM today. Run it on localhost or behind a reverse proxy with a real password and DB credentials.
#8career-ops
Medium riskgithub.com/santifer/career-ops · career-ops.org
What it is
Turns an AI coding CLI (Claude Code, Codex, OpenCode…) into a job-search command center: scans 150+ company ATS portals for new listings, has the LLM score each job against your CV (1.0–5.0 with an A–F rubric), generates tailored ATS-optimized CV/cover-letter PDFs, and tracks your pipeline in local Markdown files. Built by a developer after a real 740-listing job hunt.
What's inside
modes/*.md— ~30 prompt "modes" (auto-pipeline, apply, deep research, interview prep) in 15+ languagesscan.mjs+ 61 provider modules — zero-token HTTP scanner for Greenhouse, Lever, Ashby, Workday…- Playwright layer for read-only job-description extraction and HTML→PDF resume generation
- Go terminal dashboard + alpha web view — both read only local files; Notion/Gmail plugins
Install & use
npx @santifer/career-ops init
cd career-ops && claude # chat onboarding builds cv.md + profile
/career-ops scan # find new listings
/career-ops <paste job URL> # score → report → tailored PDF → tracker
How you can use it
- Serious job hunting: filter hundreds of listings, apply only to 4.0+/5.0 fits
- Reverse it for recruiting: score candidate–role fit at scale
- Re-aim the clean ATS-API provider library at competitor hiring pages for market/lead intel
Security
- Local-first done right: CV/profile/data gitignored, CI blocks personal data in PRs, no telemetry, SSRF guard on URL checks, Playwright layer marked strictly read-only.
- Caution: "never auto-submit" is enforced only in prompts, not code — models can misbehave; keep a human on every submit. Optional eval scripts send your full CV to Gemini/OpenAI/OpenRouter. Portal scraping uses a browser-impersonating user agent — ToS risk is explicitly yours. Self-updater runs
npm install(supply-chain surface).
Verdict: well-engineered and genuinely useful for a high-volume search — with human review before every application.
#9"container"
Not foundThis repo could not be found — and probably doesn't exist
The slide claims "Container" is an AI second-brain app (+4.3K stars): capture anything, auto-organize, AI chat with your data, "share containers with your team," cross-platform Web/Mac/Windows.
We searched for it every way available: GitHub repo-name search (all repos named "container" sorted by stars), GitHub description search ("second brain," "knowledge," recent creation dates), general web search, and the post's own distinctive phrases. No GitHub repository matching this name and description exists. The top repos actually named "container" are Apple's Linux-container tool and Docker/OCI infrastructure — nothing to do with knowledge management.
If you want what this slide promised — an open-source AI second brain — the real, established options are khoj-ai/khoj (self-hosted AI second brain), Logseq, or SiYuan.
#10pm-skills
Low riskWhat it is
"PM Skills Marketplace" by Paweł Huryn (productcompass.pm): 68 skills and 42 slash-command workflows across 9 Claude Code/Cowork plugins. Each skill is a prompt template encoding a named product-management framework (Teresa Torres, Cagan, JTBD, RICE, SWOT…) that walks the AI through producing a structured deliverable. No application code ships with it.
What's inside
- pm-product-discovery (13): ideation, assumption mapping, experiments, interview synthesis
- pm-product-strategy (12): vision, lean canvas, SWOT, PESTLE, Porter's Five Forces, pricing
- pm-execution (16): PRDs, OKRs, roadmaps, sprint plans, pre-mortems, retros
- pm-market-research (7), pm-go-to-market (6), pm-marketing-growth (5), pm-data-analytics (3)
- pm-ai-shipping: static security/performance audit commands for AI-built code; pm-toolkit: NDAs, privacy policies
Install & use
claude plugin marketplace add phuryn/pm-skills
claude plugin install pm-execution@pm-skills # install per plugin
/write-prd /discover /strategy /plan-launch
How you can use it
- Client-ready PRDs, user stories and test scenarios from a rough brief (
/write-prd,/red-team-prd) - Prioritize feature backlogs with RICE/ICE instead of gut feel
- Package strategy artifacts (lean canvas, GTM plan, battlecards, pricing) as billable client deliverables
Security
- 147 files, zero executable content in the installed plugins — no hooks, no scripts, no binaries, no MCP servers. No prompt-injection directives found; nothing writes outside the project.
Verdict: safe to install today. Best for solo devs/agencies wearing the PM hat; pm-execution + pm-product-discovery + pm-go-to-market cover most needs.
◈Security audit — method & results
Two passes were run on every cloned repo:
- Automated static scan (skill-security-auditor v2.2.0): pattern-matches for command injection, eval/exec, obfuscation, network exfiltration, credential harvesting, filesystem abuse, prompt-injection phrasing.
- Manual review (one dedicated AI analyst per repo): read the actual code paths — installers, network endpoints, credential storage, subprocess use, prompt-injection surfaces — and judged findings in context.
| Repo | Scanner: critical | Scanner: high | Scanner verdict | Manual risk verdict | Biggest real concern |
|---|---|---|---|---|---|
| hermes-agent | 1,198 | 1,192 | FAIL* | Medium† | Chat channels → unsandboxed local shell by default |
| headroom | 273 | 327 | FAIL* | Medium | Plaintext cache of all tool outputs; trust_remote_code |
| career-ops | 77 | 47 | FAIL* | Medium | No-auto-submit is prompt-level only; CV to LLM APIs |
| open-notebook | 32 | 27 | FAIL* | Medium | Unauthenticated by default; root:root DB in compose |
| last30days-skill | 14 | 41 | FAIL* | Medium | Browser-cookie access; no prompt-injection mitigations |
| markitdown | 6 | 16 | FAIL* | Low | SSRF/file: URI fetch if exposed as a server |
| agent-reach | 3 | 48 | FAIL* | Medium | Third-party traffic routing; curl-bash installer; ToS |
| pm-skills | 0 | 4 | WARN | Low | None material — prompt-only |
| taste-skill | 0 | 2 | WARN | Low | None material — prompt-only |
* Scanner "FAIL" = raw pattern hits above threshold, before human context review. No repo was found to contain malware, telemetry beacons, or intentional exfiltration.
Cross-cutting themes to remember
- Prompt injection is the blind spot. Three repos (last30days, agent-reach, career-ops) deliberately pipe untrusted internet content into your agent's context; only career-ops meaningfully gates the resulting actions, and none fully mitigates it. Assume anything your agent reads can try to steer it.
- curl-pipe-bash installs are normalized. hermes-agent and agent-reach both install via piped remote scripts; agent-reach even tells you to paste an instruction URL directly to your agent. Read installers before running them.
- "Local-first" still leaks by design. headroom caches everything in plaintext; agent-reach routes reads through Jina/Exa; career-ops sends your CV to whichever model you configure. Local-first ≠ nothing leaves the machine.
- Defaults are the danger, not the code. open-notebook without a password, hermes on a bare laptop, agent-reach with your real cookies — every high-consequence scenario here comes from default or careless configuration, not hidden malice.
Safe-use checklist
- Clone and skim before installing; prefer pinned versions over
main. - Give research tools burner/scoped accounts and separate API keys with spend limits.
- Run agent frameworks (hermes-agent) in Docker or a throwaway VPS — never with default local shell on your work machine.
- Self-hosted apps (open-notebook): set passwords + encryption keys before first boot; keep them off the public internet.
- Treat
~/.headroom,~/.hermes,~/.agent-reach,~/.config/last30daysas credential stores when backing up or syncing.
◈How these fit together (suggested stack)
Install today — low risk, immediate value
- taste-skill → better client-facing frontends from your existing Claude Code workflow
- markitdown → turn any client doc into AI-ready Markdown; add the MCP server to Claude
- pm-skills → PRDs, roadmaps and GTM docs as billable deliverables
Adopt with precautions
- headroom → wrap Claude Code once your usage/bills justify it; guard
~/.headroom - last30days-skill → research briefs with scoped keys, no browser cookies
- open-notebook → per-client research vaults, localhost + password
Sandbox / evaluate only
- hermes-agent → impressive, but only in Docker/VPS with allowlists
- agent-reach → social listening with burner accounts in a VM
- career-ops → only if actually job-hunting; or mine its ATS provider library as a pattern reference
A concrete pipeline example
Client project kickoff:
- markitdown converts the client's brief/decks to Markdown
- last30days researches their market's recent conversation
- pm-skills
/write-prdturns both into a PRD - taste-skill steers the build so the site doesn't look AI-generated
- headroom keeps the token bill down the whole way
◈All links & local clones
| # | Repo | GitHub URL | Clone command |
|---|---|---|---|
| 1 | last30days-skill | github.com/mvanhorn/last30days-skill | git clone https://github.com/mvanhorn/last30days-skill.git |
| 2 | headroom | github.com/headroomlabs-ai/headroom | git clone https://github.com/headroomlabs-ai/headroom.git |
| 3 | hermes-agent | github.com/NousResearch/hermes-agent | git clone https://github.com/NousResearch/hermes-agent.git |
| 4 | taste-skill | github.com/Leonxlnx/taste-skill | git clone https://github.com/Leonxlnx/taste-skill.git |
| 5 | markitdown | github.com/microsoft/markitdown | git clone https://github.com/microsoft/markitdown.git |
| 6 | agent-reach | github.com/Panniantong/Agent-Reach | git clone https://github.com/Panniantong/Agent-Reach.git |
| 7 | open-notebook | github.com/lfnovo/open-notebook | git clone https://github.com/lfnovo/open-notebook.git |
| 8 | career-ops | github.com/santifer/career-ops | git clone https://github.com/santifer/career-ops.git |
| 9 | "container" | — | Not found on GitHub — see #9 |
| 10 | pm-skills | github.com/phuryn/pm-skills | git clone https://github.com/phuryn/pm-skills.git |
All nine real repos are cloned locally under the project folder: …\08. Fastest Grwoing Git Repos\repos\<name> (shallow clones, --depth 1). Per-repo analysis notes live in analysis\*.md and raw scanner output in audits\*.json.