SecurityOpen SourceFreeActiveMachine-verified· beginner · ~10 min setup

Vet the fine print a star count hides: real license and a gate on dual-use tools

Before you build on a starred repo, record its actual license (not an assumed permissive one) and whether it is dual-use, so a custom license or an impersonation risk never surprises you after you have shipped.

by Shilpa Mitra· verified today· v1.0.0

Run this workflow

CI-verified, 2/2 fixtures passing.

Build this with your agent

One copy-paste hands Claude Code, Codex, or Cursor the full recipe, steps included, nothing to fetch.

Intended Use

Anyone about to build on an open-source AI repo. CI validates a dependency manifest: each dep states a real license (not one containing 'assume'), any license outside MIT/Apache/BSD is explicitly marked reviewed: true, and every dep flagged dual_use carries a non-empty authorization gate (consent, permission, or authorized-use only). No install, no network. Judging whether a tool fits your use is fenced.

Not for

  • Assuming permissive defaults, a popular repo can carry a custom or copyleft license; MinerU's custom license and AGPL are exactly the traps this catches
  • Trusting a repo name, Anthropic-Cybersecurity-Skills is a community project, not official Anthropic; verify affiliation, do not infer it from the title
  • Shipping dual-use capability without consent, voice or site cloning without permission is impersonation and IP infringement, and offensive security tooling against systems you do not own is illegal

The Stack

Tested Against

github.com/opendatalab/MinerU (license verified 2026-07)node@20

Side effects & data flow

Network
none, local only
Writes
./dependencies.json
Credentials
none required

Prerequisites

  • The actual license and dual-use posture of each dependency (read the repo, do not assume)

Steps

  1. 1

    Write the dependency manifest and vet it

    For each repo you plan to build on, record its real license, its license family, and whether it is dual-use (with the authorization rule if so). CI checks you did not assume a license, that non-standard licenses are marked reviewed, and that every dual-use tool has an authorization gate. Deciding if a tool fits your use is fenced.

    cat > dependencies.json <<'JSON'
    {
      "dependencies": [
        { "name": "MinerU", "license": "MinerU Open Source License", "license_family": "custom", "reviewed": true, "dual_use": false },
        { "name": "voicebox", "license": "open (verify on repo)", "license_family": "unknown", "reviewed": true, "dual_use": true, "authorization": "clone only voices you have consent to use" },
        { "name": "ai-website-cloner-template", "license": "open (verify on repo)", "license_family": "unknown", "reviewed": true, "dual_use": true, "authorization": "clone only sites you own or have permission to copy" },
        { "name": "Anthropic-Cybersecurity-Skills", "license": "Apache-2.0", "license_family": "apache", "dual_use": true, "authorization": "authorized blue-team or lab use only; offensive use against systems you do not own is illegal" },
        { "name": "agent-native", "license": "open (verify on repo)", "license_family": "unknown", "reviewed": true, "dual_use": false }
      ]
    }
    JSON
    node -e '
    const fs = require("fs");
    const c = JSON.parse(fs.readFileSync("dependencies.json", "utf8"));
    function bad(m) { console.error("BAD: " + m); process.exit(1); }
    const deps = c.dependencies || [];
    if (deps.length < 1) bad("list at least one dependency");
    const STD = ["mit", "apache", "bsd"];
    let reviewed = 0, dualGated = 0;
    for (const d of deps) {
      if (!d.name) bad("each dependency needs a name");
      const lic = String(d.license || "");
      if (!lic || lic.toLowerCase().indexOf("assume") !== -1) bad(d.name + " must state its real license, not an assumed one");
      const fam = String(d.license_family || "").toLowerCase();
      if (STD.indexOf(fam) === -1) {
        if (d.reviewed !== true) bad(d.name + " has a non-standard license; set reviewed: true once you have read the terms");
        reviewed++;
      }
      if (d.dual_use === true) {
        if (!d.authorization || String(d.authorization).length < 5) bad(d.name + " is dual-use; declare an authorization gate (consent, permission, or authorized-use only)");
        dualGated++;
      }
    }
    console.log("deps OK: " + deps.length + " dependency(ies) vetted; " + reviewed + " with non-standard licenses reviewed, " + dualGated + " dual-use tools each carry an authorization gate");
    '
  2. 2

    Decide if each tool fits your use (the judgement step, not checked by CI)

    With the license and dual-use facts written down, decide per tool: is the license compatible with what you are shipping, and can you meet the authorization requirement for the dual-use ones? Keep the sensitive ones in an authorized, consented, lab context. The judgement is fenced.

Eval, 2 fixtures

Last passed: verified today
  • vet-okcontainstimeout 30s · max $0

    Expected: deps OK: 5 dependency(ies) vetted; 4 with non-standard licenses reviewed, 3 dual-use tools each carry an authorization gate

  • clean-exitexit_codetimeout 30s · max $0

    Expected: 0

Results

A star count says a project is popular, not that it is safe to build on. Two kinds of fine print hide behind it: license (MinerU moved off AGPL to a custom license; a repo named Anthropic-Cybersecurity-Skills is actually a community project, not official) and dual-use (voice cloning, site cloning, and offensive security skills are the same capabilities that power fraud, spoofing, and illegal intrusion). This check makes you write both down before you depend on the thing.

Did this work for you?

Our CI checks the setup runs. You tell us if the whole thing worked. Tell us straight.

Related workflows

Liked this workflow?

Get new verified workflows in WebAfterAI, three issues a week (Tue, Thu, Sat).