SKILLSPECTOR
SCANNER ARMED
// AGENT SKILL SECURITY

Scan every skill
before it gets airborne.

Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.

RUN SCAN ▸ View on GitHub
THREAT READOUTSES//04A · LIVE
7findings across 142 skills scanned
shell.exec → unescaped argvHIGH
fetch() to undeclared hostMED
secret-like literal in promptMED
manifest signature verifiedPASS
Readout values are illustrative.
SASTstatic skill analysis
Patternsmalicious-intent heuristics
CIgate on every commit
OSSopen rule registry