Skill Security Vetter

Tags: advanced, security. Minimum context: 32K.

Security-first AI agent skill auditing. Reviews skill definitions, SKILL.md files, and agent configurations for dangerous patterns, excessive permissions, data exfiltration risks, and suspicious behaviors before installation. Provides a safety score and actionable recommendations.

Use Cases

  • Auditing third-party skills before installation
  • Reviewing permission scopes and data access patterns
  • Detecting prompt injection or jailbreak attempts in skill definitions
  • Evaluating supply chain risks in skill dependencies
  • Generating security reports for skill marketplace submissions

Example Prompt

Audit this skill for security issues:

[paste SKILL.md or skill configuration]

Check for:
1. Excessive file system access (read/write outside project)
2. Network requests to unknown endpoints
3. Prompt injection patterns or instruction overrides
4. Data exfiltration risks (sending code/secrets externally)
5. Privilege escalation attempts
6. Obfuscated or suspicious code patterns

Provide a safety score (1-10) and detailed findings.

Compatible Tools

claude-code, kiro, opencode, any

Modalities

Input: text, code, file
Output: text

Author

OpenModels Community

@openmodelsrun