Claude Skill
NVIDIA/SkillSpector
SkillSpector by NVIDIA scans AI agent skills for vulnerabilities, malicious patterns, and security risks. Protect your AI ecosystem with enterprise-grade skill auditing.
Overview
Repository
Install this Skill
git clone https://github.com/NVIDIA/skillspector.gitRegistry
Summary
SkillSpector by NVIDIA is a security scanner designed to detect vulnerabilities, malicious patterns, and security risks in AI agent skills. It helps developers and security teams audit third-party or custom skills before deployment, ensuring safer AI agent ecosystems.
AI代理技能安全扫描器。检测漏洞、恶意模式及安全风险。
Key features
- Detects vulnerabilities in AI agent skills
- Identifies malicious patterns and code
- Assesses security risks before deployment
- Designed for integration into CI/CD pipelines
- Built by NVIDIA for enterprise-grade security
Use cases
- Auditing third-party AI agent skills
- Pre-deployment security checks for custom skills
- Integrating security scanning into AI development workflows
- Protecting enterprise AI agent deployments from malicious skills
README excerpt
# SkillSpector **Security scanner for AI agent skills.** Detect vulnerabilities, malicious patterns, and security risks before installing agent skills. [](https://www.python.org/downloads/) [](https://www.apache.org/licenses/LICENSE-2.0) ## Overview AI agent skills (used by Claude Code, Codex CLI, Gemini CLI, etc.) execute with implicit trust and minimal vetting. Research shows that **26.1% of skills contain vulnerabilities** and **5.2% show likely malicious intent**. SkillSpector helps you answer: **"Is this skill safe to install?"** ## Documentation - **[Development guide](docs/DEVELOPMENT.md)** — Architecture, package layout, and how to extend the analyzer pipeline. - **[OSS_RELEASE.md](OSS_RELEASE.md)** — How to produce a public-OSS branch from this repo. ## Features - **Multi-format input**: Scan Git repos, URLs, zip files, directories, or single files - **64 vulnerability patterns** across 16 categories: prompt injection, data exfiltration, privilege escalation, supply chain, excessive agency, output handling, system prompt leakage, memory poisoning, tool misuse, rogue agent, trigger abuse, dangerous code (AST), taint tracking, YARA signatures, MCP least privilege, and MCP tool poisoning - **Two-stage analysis**: Fast static analysis + optional LLM semantic evaluation - **Live vulnerability lookups**: SC4 queries [OSV.dev](https://osv.dev) for real-time CVE data with automatic offline fallback - **Multiple output formats**: Terminal, JSON, Markdown, and SARIF reports - **Risk scoring**: 0-100 score with severity labels and clear recommendations ## Quick Start ### Installation Create and activate a virtual
Topics
No topics yet.