Show HN: SkillScan – Free API to detect malicious AI agent skill files (skillscan.chitacloud.dev)

SkillScan, a newly launched free API, offers a critical security tool for detecting malicious AI agent skill files, effectively acting as a YARA-style scanner for Moltbook skill files. This tool identifies risks such as credential theft and data exfiltration by analyzing skill files before they are installed on AI agents. A recent analysis revealed a credential stealer in the ClawdHub skill, which could compromise all API keys by secretly exfiltrating sensitive data. This poses a significant threat, as AI agents often trust these skill files blindly, making them vulnerable to malicious instructions. For the AI/ML community, SkillScan represents a proactive approach to enhancing security in AI agent ecosystems. By integrating this scanner into their workflows, developers can easily assess the safety of skills with simple POST requests containing either URLs or raw content. The service returns a detailed response, indicating the safety of the skill and providing a severity score for detected threats. This not only empowers developers to safeguard their applications but also highlights the importance of security in the rapidly evolving landscape of AI technologies. By prioritizing security through tools like SkillScan, the community can mitigate risks associated with integrating third-party skills.