skill-scanner
Automated security scanning for agent skills before installation, detecting prompt injection, malicious code, excessive permissions, and supply chain risks.
- Runs static analysis via bundled Python scanner that outputs structured JSON findings with severity levels and URLs
- Validates SKILL.md frontmatter (required fields, tool justification, model overrides) and checks for config poisoning or scope creep in instructions
- Analyzes scripts for data exfiltration, reverse shells, credential theft, dangerous eval/exec patterns, and unverified dependency sources
- Distinguishes between legitimate security documentation (discussing injection patterns) and actual malicious execution
- Provides eight-phase workflow: discovery, automated scan, frontmatter validation, prompt injection analysis, behavioral analysis, script review, supply chain assessment, and permission tier evaluation
This skill contains shell command directives (!`command`) that may execute system commands. Review carefully before installing.
Skill Security Scanner
Scan agent skills for security issues before adoption. Detects prompt injection, malicious code, excessive permissions, secret exposure, and supply chain risks.
Requires: The uv CLI for python package management, install guide at https://docs.astral.sh/uv/getting-started/installation/
Important: Run all scripts from the repository root. Script paths like scripts/scan_skill.py are relative to this skill's root directory (the directory containing this SKILL.md), not relative to the target repository.
Bundled Script
scripts/scan_skill.py
Static analysis scanner that detects deterministic patterns. Outputs structured JSON.
uv run scripts/scan_skill.py <skill-directory>
Returns JSON with findings, URLs, structure info, and severity counts. The script catches patterns mechanically — your job is to evaluate intent and filter false positives.
More from getsentry/skills
security-review
Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP review", or review code for injection, XSS, authentication, authorization, cryptography issues. Provides systematic review with confidence-based reporting.
5.3Kcode-simplifier
Simplifies and refines code for clarity, consistency, and maintainability while preserving all functionality. Use when asked to "simplify code", "clean up code", "refactor for clarity", "improve readability", or review recently modified code for elegance. Focuses on project-specific best practices.
4.3Kfind-bugs
Find bugs, security vulnerabilities, and code quality issues in local branch changes. Use when asked to review changes, find bugs, security review, or audit code on the current branch.
2.4Kagents-md
Creates and maintains concise AGENTS.md and CLAUDE.md project instruction files. Use when asked to create AGENTS.md, update AGENTS.md, maintain agent docs, set up CLAUDE.md, document repository agent conventions, or keep coding-agent instructions minimal and reference-backed.
2.3Kcode-review
Perform code reviews following Sentry engineering practices. Use when reviewing pull requests, examining code changes, or providing feedback on code quality. Covers security, performance, testing, and design review.
2.2Kcommit
ALWAYS use this skill when committing code changes — never commit directly without it. Creates commits following Sentry conventions with proper conventional commit format and issue references. Trigger on any commit, git commit, save changes, or commit message task.
2.0K