name: skillscan
description: Security scanner for AI agent skills - detect prompt injection, data exfiltration, and supply chain attacks before installation
version: 0.1.0
author: dejimarquis
tags:
- security
- scanning
- trust
- verification

SkillScan 🔍

Trust verification for AI agent skills — Scan, score, and verify skills before installation.

Why Use SkillScan?

AI agent skill marketplaces are growing rapidly, but skill supply chain security is broken:

• 🎭 Tool Poisoning: Hidden instructions in skill metadata can exfiltrate SSH keys, API tokens, or personal data
• 📈 Fake Trust Signals: Download counts can be inflated with simple scripts
• 💉 Prompt Injection: Malicious skills can override agent behavior

SkillScan detects these attacks before they reach your agent.

How to Scan a Skill

When a user asks you to check if a skill is safe, run this command:

npx skillscan scan /path/to/skill

For more technical details (file locations, line numbers):

npx skillscan scan /path/to/skill --verbose

Example prompts users might ask:

• "Scan the github-automator skill for security issues"
• "Check if this skill is safe before I install it"
• "Run a security scan on /path/to/some-skill"

Understanding the Output

For safe skills: You'll see a green "SAFE TO INSTALL" verdict with a 100/100 score.

For suspicious skills: You'll see a red "DO NOT INSTALL" verdict with:
- A TL;DR explaining the main risk
- Grouped issues with code snippets showing what's wrong
- A plain-English explanation of the risks
- A clear recommendation

What It Detects

🔴 Critical Issues

• Prompt Injection: Attempts to override AI safety rules
• Credential Theft: References to SSH keys, AWS credentials, API tokens

🟠 High Risk Issues

• Hidden Instructions: Zero-width characters, HTML comments hiding code
• Suspicious File Access: Path traversal, home directory access

Trust Score

SkillScan — Because trust should be verified, not assumed. 🛡️