Repository inventory

slior/skill-security

Skills indexed from this repository, with install-style signals scoped to the repo.
1 skills0 GitHub stars0 weekly installsGitHubOwner profile

Overview

This skill analyzes the full definition of an AI agent skill (including prompts and executable code) to detect potentially malicious behavior and supply-chain risks. It produces a structured Markdown assessment highlighting destructive actions, exfiltration, self-replication, persistence, and unsafe network activity. The output is a conservative, actionable report intended for maintainers and security reviewers.

How this skill works

The skill loads the target skill definition from the provided location, parses code and prompt text, and performs static semantic analysis to enumerate risky imports, shell calls, and dynamic behaviors. It then applies behavioral reasoning to assess worm-like propagation, lateral movement, and supply-chain infection vectors. Finally, it generates a Markdown report with per-finding severity, evidence, and remediation steps.

When to use it

  • Review new or updated skills before publishing to a registry
  • Audit third-party or untrusted skill contributions
  • Conduct incident response on suspected compromised skills
  • Perform periodic supply-chain security reviews for agent ecosystems
  • Validate CI/CD build steps for unexpected side-effects

Best practices

  • Run the scan in an isolated environment with read-only access when possible
  • Treat any runtime calls that execute on import as high-risk until reviewed
  • Prefer explicit allow-lists for remote downloads and dependencies
  • Require human review for findings with High severity before acceptance
  • Keep audit logs and reproduce findings in a sandbox for confirmation

Example use cases

  • Detect a skill that registers cron jobs or systemd services during install
  • Find code that reads environment variables or files containing tokens and sends them externally
  • Reveal dynamic imports from arbitrary URLs or packages from unverified registries
  • Identify code that writes new skill files or copies itself into other repositories
  • Validate that prompt text does not instruct side-effecting shell execution

FAQ

A path or URL to the skill location containing code, prompts, and manifests. Local paths should be scanned in a safe, isolated environment.

Can the scanner execute the skill?

No. The analysis is primarily static and behavioral reasoning. Execution is avoided; findings flag code patterns that would execute on import or setup for further sandboxed review.

1 skills

More from this maintainer
Other repositories and skills published under the same GitHub owner.
Skills library
Jump back to the full directory or explore grouped topics.
Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational