com um clique
scan-skill
Deep security analysis of an individual skill before installation
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
Deep security analysis of an individual skill before installation
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Baseado na classificação ocupacional SOC
| name | scan-skill |
| description | Deep security analysis of an individual skill before installation |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Perform deep security analysis of a single skill directory before installation. Checks for all known injection techniques from AI agent security research.
Run the scanner against the target skill directory:
python3 "$SKILL_DIR/scripts/scan_skill.py" "$ARGUMENTS"
Where $ARGUMENTS is the path to the skill directory to analyze.
If no argument is provided, prompt the user for the path to the skill they want to scan.
Structured report with severity-ranked findings and specific recommendations per finding. Includes frontmatter analysis summary and supporting file inventory.
The repository's .claude/settings.json includes PreToolUse hooks that warn on
dangerous Bash and Write operations. These hooks are advisory only -- they
produce warnings but do not block execution.
PreToolUse blocking or escalation, hooks must return
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of warning messages