ワンクリックで
scan-skill
Deep security analysis of an individual skill before installation
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Deep security analysis of an individual skill before installation
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
| name | scan-skill |
| description | Deep security analysis of an individual skill before installation |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Perform deep security analysis of a single skill directory before installation. Checks for all known injection techniques from AI agent security research.
Run the scanner against the target skill directory:
python3 "$SKILL_DIR/scripts/scan_skill.py" "$ARGUMENTS"
Where $ARGUMENTS is the path to the skill directory to analyze.
If no argument is provided, prompt the user for the path to the skill they want to scan.
Structured report with severity-ranked findings and specific recommendations per finding. Includes frontmatter analysis summary and supporting file inventory.
The repository's .claude/settings.json includes PreToolUse hooks that warn on
dangerous Bash and Write operations. These hooks are advisory only -- they
produce warnings but do not block execution.
PreToolUse blocking or escalation, hooks must return
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of warning messages