Skill Scanner
Security Scanner for Agent Skills
At a glance.
A compact read before the deeper capability notes and official setup links.
Core features.
Feature cards focus on what the tool helps users do, not generated setup commands.
A best-effort security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns.
A scan that returns no findings does not guarantee that a skill is free of all threats.
Supports OpenAI Codex Skills and Cursor Agent Skills formats following the Agent Skills specification.
With --lenient, also scans non-standard formats such as Claude Code .claude/commands/.md and flat markdown skill repos.
CI/CD Ready - SARIF output for GitHub Code Scanning, reusable GitHub Actions workflow, exit codes for build failures
Pre-commit Hook - Standard pre-commit framework integration to scan skills before every commit
Skill Scanner is a detection tool.
Agent / Skill / MCP / Workflow fit.
This panel keeps technical format separate from the user-facing AI category.
Official setup path.
Generated install snippets are intentionally not mirrored here because they drift. The page links to source-owned setup docs instead.
Evidence and adoption notes.
These notes help a user decide whether to investigate the official project further.
Source repository last pushed at 2026-04-30T01:53:23Z.
Generated from source metadata; confirm operational details in the official project before adopting it.
Review the upstream license, maintenance activity, and issue history before using it in production.