skill-scanner
Security Scanner for Agent Skills
- Flag skills with file system write/delete permissions before deployment
- Detect skills requesting API keys or credential access patterns
- Identify skills with excessive network permissions or data exfiltration risk
Reduces security risk from AI agent skill misuse by detecting dangerous capability patterns before deployment. Prevents unauthorized data access, lateral movement, or system compromise through unvetted skill implementations.
Security teams and platform engineers vetting third-party or custom Claude skills before production rollout.
https://github.com/cisco-ai-defense/skill-scanner
By cisco-ai-defense
How to Get It
claude plugins install cisco-ai-defense/skill-scanner
Tip: Paste this into a Claude Code conversation. Verify command matches your Claude Code version.
Trust Signals Auto-scanned
Community Pulse Active
Discussed on Hacker News, Reddit
- Community Transmission - The Age of Rebellion Update | Ewok Hunter, ISB Agent, x — Reddit · 14987 pts
- Gen Z also doesn't understand desktops. after decades of boomers going "Y NO WOR — Reddit · 7598 pts
- It's Got Me Seeing Red — Reddit · 3268 pts
33 mentions across 2 sources
Reviewer notes
Auto-scanned review. These are observations, not a security certification.
Scored from trust signals (evidence-eval-v1): 2,030 GitHub stars; contributors unknown; last commit 22d ago; license no license.
How to evaluate tools before deploying →
Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.
Evaluation
Scored from trust signals (evidence-eval-v1): 2,030 GitHub stars; contributors unknown; last commit 22d ago; license no license.