一键导入
scan-skill
Deep security analysis of an individual skill before installation
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Deep security analysis of an individual skill before installation
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
| name | scan-skill |
| description | Deep security analysis of an individual skill before installation |
| disable-model-invocation | true |
| allowed-tools | Read, Glob, Grep, Bash |
| context | fork |
Perform deep security analysis of a single skill directory before installation. Checks for all known injection techniques from AI agent security research.
Run the scanner against the target skill directory:
python3 "$SKILL_DIR/scripts/scan_skill.py" "$ARGUMENTS"
Where $ARGUMENTS is the path to the skill directory to analyze.
If no argument is provided, prompt the user for the path to the skill they want to scan.
Structured report with severity-ranked findings and specific recommendations per finding. Includes frontmatter analysis summary and supporting file inventory.
The repository's .claude/settings.json includes PreToolUse hooks that warn on
dangerous Bash and Write operations. These hooks are advisory only -- they
produce warnings but do not block execution.
PreToolUse blocking or escalation, hooks must return
hookSpecificOutput.permissionDecision: "deny" or "ask" instead of warning messages