
NVIDIA/SkillSpector

SkillSpector by NVIDIA scans AI agent skills for vulnerabilities, malicious patterns, and security risks. Protect your AI ecosystem with enterprise-grade skill auditing.

Overview

Stars: 11,868
Forks: 971
Language: Python
Last pushed: 2026-07-01
Last synced: 2026-07-03

Repository

Owner: NVIDIA
Repository: SkillSpector
Full name: NVIDIA/SkillSpector
Repo ID: 1,187,630,119

Install this Skill

git clone https://github.com/NVIDIA/skillspector.git

Registry

Type: mcp_server
Quality score: 85/100
Verification: readme_parsed
Last verified: 2026-06-03
Platforms: Claude, MCP, Codex
Capabilities: code-review, pdf, memory, search, image, terminal, workflow
Detected files: README.md, docs, pyproject.toml, tests
Config keys: OPENAI_API_KEY, OPENAI_BASE_URL, URL, ANTHROPIC_API_KEY, NVIDIA_INFERENCE_KEY

Summary

SkillSpector by NVIDIA is a security scanner designed to detect vulnerabilities, malicious patterns, and security risks in AI agent skills. It helps developers and security teams audit third-party or custom skills before deployment, ensuring safer AI agent ecosystems.

Chinese description (translated)

AI agent skill security scanner. Detects vulnerabilities, malicious patterns, and security risks.

Key features

  • Detects vulnerabilities in AI agent skills
  • Identifies malicious patterns and code
  • Assesses security risks before deployment
  • Designed for integration into CI/CD pipelines
  • Built by NVIDIA for enterprise-grade security

Use cases

  • Auditing third-party AI agent skills
  • Pre-deployment security checks for custom skills
  • Integrating security scanning into AI development workflows
  • Protecting enterprise AI agent deployments from malicious skills

README excerpt

# SkillSpector

**Security scanner for AI agent skills.** Detect vulnerabilities, malicious patterns, and security risks before installing agent skills.

[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/) [![License: Apache 2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)

## Overview

AI agent skills (used by Claude Code, Codex CLI, Gemini CLI, etc.) execute with implicit trust and minimal vetting. Research shows that **26.1% of skills contain vulnerabilities** and **5.2% show likely malicious intent**. SkillSpector helps you answer: **"Is this skill safe to install?"**

## Documentation

- **[Development guide](docs/DEVELOPMENT.md)** — Architecture, package layout, and how to extend the analyzer pipeline.
- **[OSS_RELEASE.md](OSS_RELEASE.md)** — How to produce a public-OSS branch from this repo.

## Features

- **Multi-format input**: Scan Git repos, URLs, zip files, directories, or single files
- **64 vulnerability patterns** across 16 categories: prompt injection, data exfiltration, privilege escalation, supply chain, excessive agency, output handling, system prompt leakage, memory poisoning, tool misuse, rogue agent, trigger abuse, dangerous code (AST), taint tracking, YARA signatures, MCP least privilege, and MCP tool poisoning
- **Two-stage analysis**: Fast static analysis + optional LLM semantic evaluation
- **Live vulnerability lookups**: SC4 queries [OSV.dev](https://osv.dev) for real-time CVE data with automatic offline fallback
- **Multiple output formats**: Terminal, JSON, Markdown, and SARIF reports
- **Risk scoring**: 0-100 score with severity labels and clear recommendations

## Quick Start

### Installation

Create and activate a virtual

Topics

No topics yet.


Data from GitHub. Synced on 2026-07-03