Audit third-party Agent Skills before installation. Use when the user wants to inspect a Codex, Claude Code, or SKILL.md-based skill, GitHub skill repository, install script, or local skill folder for malicious instructions, secret access, dangerous shell commands, prompt injection, persistence, network exfiltration, or install-time risk.
Example dangerous skill for scanner tests.
Example skill with prompt-injection-like instructions for test coverage.
A harmless example skill that summarizes local Markdown files without network calls or shell execution.