SkillSpector
NVIDIA's security scanner for agent skills, tools, and MCP servers. Point it at a directory, file, repo URL, or zip and it checks 65 vulnerability patterns across 16 categories (prompt injection, data exfiltration, supply chain, excessive agency, MCP tool poisoning, and more) with fast static analysis plus an optional LLM pass. It emits a 0-100 risk score with LOW/MEDIUM/HIGH/CRITICAL severity and SARIF 2.1.0 output for CI. Built on the Liu et al. 2026 study that scanned 42,447 skills (26.1% had a vulnerability, 5.2% were likely malicious). Static analysis lowers risk; it does not certify safety.
2 workflows use SkillSpector
SkillSpector: fail your CI build on a risky agent skill
Scan every skill you did not write with SkillSpector and gate CI on the result, so a malicious or vulnerable SKILL.md fails the build instead of running with your agent's permissions at runtime.
Agent-Reach: throwaway account, least privilege, scan before install
Before letting Agent-Reach install system dependencies and register a skill that logs into platforms with your cookies, encode the safe defaults as a preflight manifest: a throwaway account (never your main one), cookie-auth risk acknowledged per platform, and a mandatory scan before install.