RSS feeds

Two RSS feeds — one for security folks who want a push channel on new critical findings, one firehose for catalog-aware tooling. Both refresh on the same cadence as the catalog and are CDN-cached.

Endpoints

https://skillox.io/feed/critical.xml — D + F-grade only. Latest 100 entries, newest first. Targeted at security researchers, AppSec teams, and AI-safety folks. D is included alongside F because "documented anti-patterns shipped by real maintainers" is arguably more interesting than the malicious tail — that's the everyday hazard the community cares about.
https://skillox.io/feed/index.xml — catalog firehose. Latest 100 newly-scanned skills regardless of grade. Useful for mirrors, catalog-aware tooling, and the curious.

Format

RSS 2.0 with the standard channel fields plus <atom:link rel="self"> for client auto-update. Per-item fields:

title — [GRADE] skill-name @ version — verdict
link — public Report Card URL at /c/<name>
guid — permalink to the underlying scan at /r/<scan-id>
pubDate — RFC 822 timestamp of the last scan
category — single letter A / B / C / D / F
description — verdict + source repo (+ stars) + repo description + score

Auto-discovery

Both feeds are linked from every page's <head> via <link rel="alternate" type="application/rss+xml"> tags. Feed readers like NetNewsWire, Reeder, Feedly, and Inoreader pick them up automatically when you point them at any skillox.io URL.

Caching + cadence

5-minute CDN cache (s-maxage=300)
30-minute stale-while-revalidate
<ttl>15 hint for readers

The catalog grows hourly during active crawls, but typical subscribers reload every few hours — SWR keeps latency low without hammering the DB.

Want a feed scoped to a specific source (GitHub vs ClawHub vs Skills.sh) or a specific verification level? Open an issue at git.skillox.io — adding query-parameter-scoped feeds is a few-hour change.