atbender/skillcheck

Overview

This skill is an LLM-powered security auditor that inspects Claude Code skills for security risks before installation. It parses a GitHub repository reference, fetches relevant skill files and scripts, and produces a concise risk report with a clear verdict. The goal is to flag patterns that could harm a user’s environment or exfiltrate secrets.

How this skill works

Given a repository identifier, the skill extracts owner and repo names, lists repository files, and retrieves key manifests and scripts for analysis. It scans fetched contents for critical patterns like unrestricted shell execution, credential access, remote code execution, and exfiltration attempts. Findings are prioritized into CRITICAL, HIGH, MEDIUM, and LOW categories and presented in a short, formatted report with a final verdict.

When to use it

• Before installing any third-party Claude Code skill from GitHub
• When a skill requests broad system permissions (Bash, file system, network)
• When a skill installs packages or downloads external code at runtime
• When a skill declares hooks or background processes
• When you need a fast pre-install security assessment to decide on manual review

Best practices

• Always run the auditor on public and private skill repos before installation
• Treat flagged CRITICAL issues as blockers and do not install until resolved
• For HIGH or MEDIUM findings, inspect the specific files and lines cited
• Require explicit, minimal permissions in manifests; avoid broad Bash scopes
• Use authenticated API access to avoid rate limits when scanning many repos

Example use cases

• Quickly screening a newly published skill that requests shell or network access
• Verifying that a skill’s codebase does not read common secret locations
• Assessing whether runtime package installation or external downloads occur
• Checking for background services or file writes outside the project directory
• Automating a pre-deployment security gate in a CI pipeline for skill installation