Claude Skill

cisco-ai-defense/skill-scanner

Open-source security scanner for Claude Skills by Cisco AI Defense. Analyze and assess AI agent skills for vulnerabilities and security compliance.

Overview

Stars2,309
Forks284
LanguagePython
Last pushed2026-06-29
Last synced2026-07-03
View on GitHub

Repository

Ownercisco-ai-defense
Repositoryskill-scanner
Full namecisco-ai-defense/skill-scanner
Repo ID1,144,727,401

Install this Skill

pip install cisco-ai-skill-scanner

Registry

Typecursor_rule
Quality score85/100
Verificationreadme_parsed
Last verified2026-06-01
Platforms
ClaudeCodexCursor
Capabilities
code-reviewpdfmemoryterminalworkflowagentagent-skillssecurity
Detected files
README.mddocsexamplespyproject.tomltests
Config keys
SKILL_SCANNER_LLM_API_KEYVIRUSTOTAL_API_KEYAI_DEFENSE_API_KEYKEYURL
Install methods
  • pip install cisco-ai-skill-scanner
  • pip install cisco-ai-skill-scanner[bedrock]
  • pip install cisco-ai-skill-scanner[google]
  • pip install cisco-ai-skill-scanner[vertex]
  • pip install cisco-ai-skill-scanner[azure]

Summary

A security scanner for Claude Skills, developed by Cisco AI Defense, designed to analyze and assess the security of AI agent skills.

Chinese description

Claude Skill安全扫描器

Key features

  • Security scanning for Claude Skills
  • Python-based implementation
  • Agent skill analysis
  • Security assessment tools
  • Open-source security framework

Use cases

  • Security auditing of AI agent skills
  • Vulnerability detection in Claude Skills
  • Compliance checking for agent deployments
  • Security research on AI skills
  • Automated security testing

README excerpt

# Skill Scanner [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/) [![PyPI version](https://img.shields.io/pypi/v/cisco-ai-skill-scanner.svg)](https://pypi.org/project/cisco-ai-skill-scanner/) [![CI](https://github.com/cisco-ai-defense/skill-scanner/actions/workflows/python-tests.yml/badge.svg)](https://github.com/cisco-ai-defense/skill-scanner/actions/workflows/python-tests.yml) [![Discord](https://img.shields.io/badge/Discord-Join%20Us-7289da?logo=discord&logoColor=white)](https://discord.com/invite/nKWtDcXxtx) [![Cisco AI Defense](https://img.shields.io/badge/Cisco-AI%20Defense-049fd9?logo=cisco&logoColor=white)](https://www.cisco.com/site/us/en/products/security/ai-defense/index.html) [![AI Security Framework](https://img.shields.io/badge/AI%20Security-Framework-orange)](https://learn-cloudsecurity.cisco.com/ai-security-framework) [![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/cisco-ai-defense/skill-scanner) A best-effort security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns. Combines **pattern-based detection** (YAML + YARA), **LLM-as-a-judge**, and **behavioral dataflow analysis** to maximize detection coverage of probable threats while minimizing false positives. > **Important:** This scanner provides best-effort detection, not comprehensive or complete coverage. A scan that returns no findings does not guarantee that a skill is free of all threats. See [Scope and Limitations](#scope-and-limitations) below. Supports [OpenAI Codex Skills](https://openai.github.io/codex/) and [Cursor Agent Skills](https://docs

Topics

Explore more

Data from GitHub. Synced on 2026-07-03