Skill Security Scanner
Scan skills for malicious patterns before installation. Detects credential exfiltration, suspicious network calls, obfuscated code, prompt injection, and other red flags.
Quick Start
bash
# Scan a local skill folder python3 scripts/scan.py /path/to/skill # Verbose output (show matched lines) python3 scripts/scan.py /path/to/skill --verbose # JSON output (for automation) python3 scripts/scan.py /path/to/skill --json
Workflow: Scan Before Install
- •Download or locate the skill folder
- •Run
python3 scripts/scan.py <skill-path> --verbose - •Review findings by severity (CRITICAL/HIGH = do not install)
- •Report results to user with recommendation
Score Interpretation
| Score | Meaning | Recommendation |
|---|---|---|
| CLEAN | No issues found | Safe to install |
| INFO | Minor notes only | Safe to install |
| REVIEW | Medium-severity findings | Review manually before installing |
| SUSPICIOUS | High-severity findings | Do NOT install without thorough manual review |
| DANGEROUS | Critical findings detected | Do NOT install — likely malicious |
Exit Codes
- •
0= CLEAN/INFO - •
1= REVIEW - •
2= SUSPICIOUS - •
3= DANGEROUS
Rules Reference
See references/rules.md for full list of detection rules, severity levels, and whitelisted domains.
Limitations
- •Pattern-based detection — cannot catch all obfuscation techniques
- •No runtime analysis — only static scanning
- •False positives possible for legitimate tools that access network/files
- •Always combine with manual review for HIGH/MEDIUM findings