- Home
- Skills
- Slior
- Skill Security
- Security Scan
security-scan_skill
0
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill slior/skill-security --skill security-scan- SKILL.md3.6 KB
Overview
This skill analyzes the full definition of an AI agent skill (including prompts and executable code) to detect potentially malicious behavior and supply-chain risks. It produces a structured Markdown assessment highlighting destructive actions, exfiltration, self-replication, persistence, and unsafe network activity. The output is a conservative, actionable report intended for maintainers and security reviewers.
How this skill works
The skill loads the target skill definition from the provided location, parses code and prompt text, and performs static semantic analysis to enumerate risky imports, shell calls, and dynamic behaviors. It then applies behavioral reasoning to assess worm-like propagation, lateral movement, and supply-chain infection vectors. Finally, it generates a Markdown report with per-finding severity, evidence, and remediation steps.
When to use it
- Review new or updated skills before publishing to a registry
- Audit third-party or untrusted skill contributions
- Conduct incident response on suspected compromised skills
- Perform periodic supply-chain security reviews for agent ecosystems
- Validate CI/CD build steps for unexpected side-effects
Best practices
- Run the scan in an isolated environment with read-only access when possible
- Treat any runtime calls that execute on import as high-risk until reviewed
- Prefer explicit allow-lists for remote downloads and dependencies
- Require human review for findings with High severity before acceptance
- Keep audit logs and reproduce findings in a sandbox for confirmation
Example use cases
- Detect a skill that registers cron jobs or systemd services during install
- Find code that reads environment variables or files containing tokens and sends them externally
- Reveal dynamic imports from arbitrary URLs or packages from unverified registries
- Identify code that writes new skill files or copies itself into other repositories
- Validate that prompt text does not instruct side-effecting shell execution
FAQ
A path or URL to the skill location containing code, prompts, and manifests. Local paths should be scanned in a safe, isolated environment.
Can the scanner execute the skill?
No. The analysis is primarily static and behavioral reasoning. Execution is avoided; findings flag code patterns that would execute on import or setup for further sandboxed review.