SkillHub
SkillHubagent skills marketplace
Menu
All SkillsStacksKOLHotRankings
Sign inGet Pro
Back to skills
SkillHub ClubShip Full StackFull StackBackend

license-checker

Assess license compatibility for Python package redistribution using SPDX.org license database. Evaluates whether a given license allows building and distributing wheels, with real-time license information lookup.

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars
18
Hot score
87
Updated
March 20, 2026
Overall rating
C4.2
Composite score
4.2
Best-practice grade
B77.6

Install command

npx @skill-hub/cli install opendatahub-io-ai-helpers-license-checker

Repository

opendatahub-io/ai-helpers

Skill path: claude-plugins/python-packaging/skills/license-checker

Assess license compatibility for Python package redistribution using SPDX.org license database. Evaluates whether a given license allows building and distributing wheels, with real-time license information lookup.

Open repository

Best for

Primary workflow: Ship Full Stack.

Technical facets: Full Stack, Backend.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: opendatahub-io.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install license-checker into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/opendatahub-io/ai-helpers before adding license-checker to shared team environments
  • Use license-checker for development workflows

Works across

Claude CodeCodex CLIGemini CLIOpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: license-checker
description: Assess license compatibility for Python package redistribution using SPDX.org license database. Evaluates whether a given license allows building and distributing wheels, with real-time license information lookup.
allowed-tools: [WebFetch]
---

# Python Package License Compatibility Checker

This skill helps you evaluate whether a Python package license is compatible with redistribution, particularly for building and distributing wheels in enterprise environments. It uses the authoritative SPDX License List for accurate, up-to-date license information.

## Assessment Instructions

When a user provides a license name and asks about compatibility for redistribution, building wheels, or licensing restrictions, follow this methodology:

### Step-by-Step Process

1. **Fetch Current SPDX Data**:
   ```
   Use WebFetch to query: https://raw.githubusercontent.com/spdx/license-list-data/main/json/licenses.json
   ```

2. **License Matching**:
   - Try exact SPDX ID match first
   - Try case-insensitive SPDX ID match
   - Try full name matching
   - Try partial/fuzzy matching for common variations

3. **Risk Classification**:
   ```
   IF (isOsiApproved AND isFsfLibre AND permissive_pattern):
       Risk = Low, Status = Compatible
   ELIF (isOsiApproved AND weak_copyleft_pattern):
       Risk = Medium, Status = Compatible with Requirements
   ELIF (strong_copyleft_pattern OR NOT isOsiApproved):
       Risk = High, Status = Restricted/Incompatible
   ```

4. **Generate Assessment**:
   - Include all SPDX metadata
   - Provide clear compatibility guidance
   - List specific requirements
   - Add Red Hat context where relevant

## License Assessment Framework

### Input Processing
Accept various formats and normalize them:
- **SPDX Identifiers**: "MIT", "Apache-2.0", "GPL-3.0-only"
- **Full Names**: "MIT License", "Apache License 2.0", "GNU General Public License v3.0"
- **Common Aliases**: "Apache 2", "BSD 3-Clause", "GPLv3"
- **Case Variations**: Handle case-insensitive matching

### SPDX Data Analysis
When processing SPDX license data, examine these key fields:
- `licenseId`: Official SPDX identifier
- `name`: Full license name
- `isOsiApproved`: OSI approval status (boolean)
- `isFsfLibre`: FSF Free Software status (boolean)
- `isDeprecatedLicenseId`: Whether license is deprecated (boolean)
- `reference`: URL to full license details
- `seeAlso`: Array of additional reference URLs

### Compatibility Assessment Logic

Use SPDX flags and license patterns to determine compatibility:

#### ✅ Highly Compatible (Low Risk)
- OSI Approved AND FSF Libre
- Permissive licenses (MIT, Apache, BSD, ISC family)
- No strong copyleft requirements

#### ⚠️ Compatible with Requirements (Medium Risk)
- OSI Approved but specific obligations
- Weak copyleft (LGPL, MPL)
- File-level copyleft licenses

#### ❌ Restricted/High Risk
- Strong copyleft (GPL, AGPL)
- Non-OSI approved licenses
- Proprietary or unclear terms

### Output Format

Provide a structured assessment with:

1. **SPDX Information**:
   - Official SPDX ID
   - Full license name
   - OSI Approved: Yes/No
   - FSF Libre: Yes/No
   - Deprecated: Yes/No (if applicable)

2. **Compatibility Assessment**:
   - Status: Compatible/Restricted/Incompatible
   - Redistribution: Allowed/Restricted/Prohibited
   - Commercial Use: Allowed/Restricted/Prohibited

3. **Requirements**: Key compliance obligations
4. **Risk Level**: Low/Medium/High for enterprise use
5. **Red Hat Context**: Special considerations if applicable


## Red Hat Vendor Agreements

Red Hat has specific licensing agreements with the following hardware vendors:

- **NVIDIA**: Agreement covers CUDA libraries, runtimes, and related NVIDIA proprietary components
- **Intel Gaudi**: Agreement covers Gaudi AI accelerator software and libraries
- **IBM Spyre**: Agreement covers IBM Spyre AI hardware and associated software components

When evaluating packages with dependencies on these vendor-specific components, note that Red Hat has explicit redistribution rights under these agreements.

## Error Handling

### SPDX Data Fetch Failures
If the SPDX license list cannot be retrieved, exit early and warn the user.

### License Not Found in SPDX
When a license identifier is not found in the SPDX license list:
1. Check for common typos or variations
2. Suggest SPDX-compliant alternatives
3. Recommend contacting package maintainer
4. Provide conservative risk assessment

### Deprecated Licenses
For deprecated SPDX licenses:
1. Note the deprecation status
2. Suggest migrating to current equivalent
3. Provide assessment based on deprecated license terms
4. Recommend updating package licensing

For complex licensing scenarios involving multiple packages or custom license terms, recommend consultation with legal counsel.

## Integration Notes

This skill works best when combined with:
- **python-packaging:license-finder** - Use to find license names before compatibility assessment
license-checker | SkillHub