원클릭으로
scan-skill
Deep security analysis of an individual skill before installation
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Deep security analysis of an individual skill before installation
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | scan-skill |
| description | Deep security analysis of an individual skill before installation |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Perform deep security analysis of a single skill directory before installation. Checks for all known injection techniques from AI agent security research.
Run the scanner against the target skill directory:
python3 "$SKILL_DIR/scripts/scan_skill.py" "$ARGUMENTS"
Where $ARGUMENTS is the path to the skill directory to analyze.
If no argument is provided, prompt the user for the path to the skill they want to scan.
Structured report with severity-ranked findings and specific recommendations per finding. Includes frontmatter analysis summary and supporting file inventory.
The repository's .claude/settings.json includes PreToolUse hooks that warn on
dangerous Bash and Write operations. These hooks are advisory only -- they
produce warnings but do not block execution.
PreToolUse blocking or escalation, hooks must return
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of warning messages