Skill Detail
Lint X.509 certificates against Web PKI rules with zlint before issuance or rollout
Check certificates and precertificates for Web PKI standards violations before CA issuance, trust-store submission, or deployment.
Security & VerificationMulti-Framework
Security & Verification
Multi-Framework
Security Reviewed
β 429 GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill lint-x509-certificates-against-web-pki-rules-with-zlint-before-issuance-or-rollout
Works best when you want a reusable capability, not another fragile one-off prompt.
At a glance
Tools required
PEM or DER certificate or precertificate input, zlint CLI or Go library, operator able to interpret lint findings
Install & setup
Install zlint from the upstream repository or releases, then run it against the target certificate or precertificate file.
Author
zmap
Publisher
Open Source Project
Last updated
Apr 19, 2026
Quick brief
Use zlint when the job is to evaluate a certificate or precertificate against Web PKI rules before issuance, trust-store submission, or production rollout. The upstream project is explicitly a certificate linter focused on standards and policy compliance.
How it works
What this skill actually does
Invoke this instead of generic certificate viewers or TLS scanners when the need is standards linting and explainable policy failures, not chain inspection or service monitoring. The scope boundary is clear: zlint lint-checks X.509 artifacts against PKI requirements. It is not a general CA product, certificate lifecycle platform, or server listing.