SkillSpector (github.com)

SkillSpector, a newly developed security scanner for AI agent skills, aims to enhance the safety of integrating these skills—which are utilized by prominent AI tools like Claude Code and Codex CLI. Research indicates that approximately 26.1% of these skills harbor vulnerabilities, with 5.2% potentially exhibiting malicious intent. SkillSpector addresses this significant risk by conducting thorough scans for vulnerabilities and malicious patterns in AI agent skills before installation, enabling developers and users to ask, "Is this skill safe to install?" The tool employs a two-stage analysis approach, combining fast static analysis with optional semantic evaluation from large language models (LLMs). SkillSpector detects 64 distinct vulnerability patterns spanning 16 categories, including prompt injection, data exfiltration, privilege escalation, and more. Additionally, it utilizes real-time CVE lookup through OSV.dev to identify known vulnerabilities, offering multiple output formats such as JSON and Markdown for documentation and CI/CD integration. By implementing this tool, developers can assign risk scores ranging from 0-100 to skills, providing clear recommendations and improving security practices within the AI/ML community.