vythanhtra

vythanhtra / skillsentry

Public

AI Skill Security Scanner

15
2
100% credibility
Found Mar 02, 2026 at 15 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

SkillSentry is a security tool that scans AI skill files for malicious patterns, hidden commands, obfuscation techniques, and prompt injections to help users install them safely.

How It Works

1
📰 Hear about SkillSentry

You discover this handy safety checker while looking for ways to safely add new abilities to your AI helper.

2
📥 Bring it home

You download the simple checker to your computer – it works right away without any extra setup.

3
📁 Pick your skill

Find the new AI skill file you want to try and prepare to check it.

4
🔍 Run the safety scan

You start the check, and it quickly reviews the file for hidden dangers like sneaky commands or tricks.

5
Review the results
It's safe!

The score is high, so you confidently add the skill to your AI.

🚫
Too risky

Red flags appear, so you skip it to stay protected.

🎉 Safe and sound

Now your AI has helpful new skills without any nasty surprises – peace of mind achieved!

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 15 to 15 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is skillsentry?

SkillSentry is a Python-based security scanner for AI skill files pulled from GitHub repositories like anthropic skills, claude skill github, or copilot skill github. It analyzes markdown skills for malware, data exfiltration chains, base64 obfuscation, unicode homoglyphs, zero-width characters, and prompt injections before you load them into agents like Claude Code, Cursor, or Antigravity. Run it via CLI on a single file or scan entire directories with zero dependencies—just Python 3.8+—and get risk scores, JSON reports, or alerts to Discord and Telegram.

Why is it gaining traction?

It stands out by chaining behaviors like "read .env + network send" for critical exfil detection, beyond simple keyword scans, plus evasion normalization and 25+ built-in rules you can extend via YAML. Devs love the instant CLI feedback with line-specific verdicts and real-time notifications for scores under 40, making it a quick gatekeeper for community skills from github skill tree or humanizer skill github. No installs needed, and it flags cloud metadata SSRF or git hook injections that others miss.

Who should use this?

AI power users installing third-party skills for Claude, Copilot, or Antigravity from GitHub. Security engineers auditing alexa skill github or cloud skill github repos before deployment. Devs in skill security consulting or as skill security engineers vetting forum-shared mani skill github or kb skill github files.

Verdict

Grab it if you're deep in AI agents—solid concept with clear docs and examples, but at 12 stars and 1.0% credibility, it's early-stage; test thoroughly on your setup before trusting high-stakes scans. Worth watching as AI skill security scan tools mature.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.