HuTa0kj

HuTa0kj / skill-scanner-agent

Public

Skill Scan Agent — Automated scanning, identification, and assessment of SKILL security risks.

agent agent-skills agents claude-code llm-agent
21
1
80% credibility
Found May 17, 2026 at 21 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

Skill Scanner Agent is a tool that helps you check AI skill directories for security problems. You point it at a folder containing a skill, and it uses artificial intelligence to examine the skill's description and any code files inside, then generates reports showing what risks or issues it found. The tool supports both English and Chinese reports and displays results in your terminal while also saving them as files you can review later.

How It Works

1
🔍 You discover the tool

You hear about a security scanner that checks AI skill directories for vulnerabilities and risks.

2
📦 You set everything up

You download and install the scanner on your computer so it's ready to use whenever you need it.

3
🔌 You connect an AI assistant

You tell the scanner which AI service to use for analyzing your skills — just pick one you already have access to.

4
🎯 You point it at a skill

You give the scanner a folder containing your AI skill and let it do its work on that directory.

5
The scanner checks everything
📄
Skills with code files

The scanner examines both the skill description and any scripts found inside

📋
Skills without code

The scanner focuses only on the skill description and overview

📊 You receive your reports

The scanner creates easy-to-read reports showing you what it found — any security concerns or areas that need attention.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 21 to 21 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is skill-scanner-agent?

Skill-scanner-agent is a Python tool that automatically audits AI skill directories for security risks. You point it at a folder containing a SKILL.md file, and it parses the structure, generates a security overview report, and audits any embedded scripts. The workflow runs through LangGraph and uses LLMs to analyze both the skill documentation and any code files present. It outputs Markdown reports to disk and displays results in the terminal.

Why is it gaining traction?

The AI assistant ecosystem is exploding with custom skills for Claude, Cursor, Copilot, and similar tools. Most developers trust these skills without scrutiny, but they often contain shell scripts, Python snippets, or other code that could be malicious. This tool addresses that blind spot by automating security analysis rather than requiring manual review. The ability to assign different models to different tasks (via config role mapping) is practical for teams with multiple API providers.

Who should use this?

Security-conscious developers who publish or consume AI skill packages should consider this essential. If you maintain a skill marketplace or internal skill library, automated auditing saves time. Individual developers downloading third-party skills from GitHub or community feeds can run a quick scan before trusting the code. Teams building skills for enterprise use cases have a ready-made compliance checkpoint.

Verdict

This fills a real gap in the AI tooling ecosystem, but the 0.800000011920929% credibility score and 21 stars reflect an early-stage project. The documentation is solid and the CLI is straightforward, but test coverage and community feedback are minimal. Worth evaluating for production use with caution, or watching as the skill ecosystem matures.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.