Claude Skill
berabuddies/Semia
Semia is an open-source static analysis tool for auditing security of AI agent skills, including Claude Code and Codex. Detect vulnerabilities in skill definitions.
Overview
Repository
Install this Skill
pip install semia-auditRegistry
Summary
Semia is a security audit tool designed for AI agent skills, including Claude Code and Codex. It performs static analysis to detect vulnerabilities in skill definitions, helping developers build safer AI agents.
Semia,AI代理技能的安全审计。
Key features
- Static analysis for AI agent skill security
- Supports Claude Code and Codex skill scanning
- Vulnerability detection in skill definitions
- Open-source security audit framework
Use cases
- Auditing Claude Skill definitions for security flaws
- Integrating security checks into AI agent development pipelines
- Preventing malicious or unsafe skill execution in agents
README excerpt
# Semia > **Security audit for AI agent skills.** Know what a skill *can* do > before you trust it. [](https://github.com/berabuddies/Semia/actions/workflows/ci.yml) [](https://github.com/berabuddies/Semia/actions/workflows/lint.yml) [](https://codecov.io/gh/berabuddies/Semia) [](LICENSE) [](pyproject.toml) Agent skills are markdown files with embedded shell commands, network calls, and tool invocations. They run with **your credentials, on your machine, with your data**. Semia reads a skill as data — never executes it — and produces an evidence-backed report of every capability it may exercise. It is the difference between > *"I trust this skill because the README looks fine."* and > *"I trust this skill because Semia extracted 14 actions, 6 effects, > and 2 secret reads — and every one is grounded in a specific source line."* --- ## Quick example Pick whichever fits how you already work. ### As a CLI ```bash pip install semia-audit semia scan ./some-skill ``` `scan` does prepare → synthesize (via your configured LLM provider) → detect → report in one shot. Output lands under `.semia/runs/<skill-slug>/` by default — pass `--out <path>` to override. You'll need an LLM provider configured first — see [Set up an LLM provider](#set-up-an-llm-provider) below. ### Inside Codex, Claude Code, or OpenClaw Install the plugin once. Each host has its own flow. **Codex** — pick either path: *Shell (sc