← Back to Projects
Skills Scanner
June 1 2026
Overview
Skills files give AI agents permission to run commands and execute code. Skills Scanner addresses this security gap by scanning skills.md files used by AI agentic coding tools (Claude Code, OpenCode, Codex, etc.) for dangerous patterns.
Key Features
- Dual-analysis engine: Regex for shell, AST for Python
- 10 built-in security rules across 4 severity levels
- Tool detection: identifies installed agentic coding tools
- Auto-scan mode for discovered skill directories
- Colorized terminal reporting and JSON export
- Custom rule support via YAML configuration
Description
Security scanner that detects malicious commands and dangerous patterns in AI agent skills files