Download
SkillSpector is a security scanner built to evaluate AI agent skills before they are installed or trusted. It helps teams inspect skills used by tools such as Claude Code, Codex CLI, and Gemini CLI. The project focuses on detecting vulnerabilities, malicious behavior, and risky patterns that may be hidden inside skill files. It combines fast static checks with optional LLM-based semantic review for issues that require deeper intent analysis. It supports several input types, including Git repositories, URLs, zip files, folders, and individual files. It also produces practical reports with risk scores, severity labels, and recommendations that make security reviews easier to act on.
Features
- Scans Git repositories, URLs, zip files, folders, and single files
- Detects 64 vulnerability patterns across 16 categories
- Checks for prompt injection, data exfiltration, privilege escalation, and supply chain risks
- Supports static analysis with optional LLM semantic evaluation
- Exports terminal, JSON, Markdown, and SARIF reports
- Provides a 0–100 risk score with severity labels and recommendations
Project Samples
Categories
SecurityLicense
Apache License V2.0Follow SkillSpector
Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects
Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of SkillSpector!
