skill-validator
Skill Validator
Purpose and Intent
The skill-validator is the primary quality control tool for this repository. It ensures that every AI Agent Skill is "machine-consumable" by validating it against the agentskills.io standard and the repository's AGENTS.md rules.
When to Use
- During Development: Run this skill every time you create or modify a skill.
- CI/CD Integration: Automatically block Pull Requests that contain non-compliant skill definitions.
- Repository Audits: Periodically scan the entire
agent-skills/directory to ensure long-term compliance as specifications evolve.
When NOT to Use
- Code Logic Validation: This tool does not "run" the skills or verify their internal logic; it only validates the "contract" (the YAML and Markdown).
Error Conditions and Edge Cases
- Invalid YAML: If
skill.yamlcannot be parsed, the validator will fail immediately with a syntax error. - Missing Required Fields: Any missing field defined in the
agentskills.iospecification will result inis_valid: false. - Empty Directories: Folders in
agent-skills/that do not contain askill.yamlwill be flagged as invalid skills.
More from jorgealves/agent_skills
python-security-scanner
Detect common Python vulnerabilities such as SQL injection, unsafe deserialization, and hardcoded secrets. Use as part of a secure SDLC for Python projects.
187gdpr-ccpa-privacy-auditor
Audits web applications to ensure declared privacy policies match actual technical data collection practices. Use to identify discrepancies in cookie usage, tracking scripts, and user data handling.
150prompt-injection-scanner
Audits agent skill instructions and system prompts for vulnerabilities to prompt hijacking and indirect injection. Use when designing new agent skills or before deploying agents to public environments where users provide untrusted input.
147hipaa-compliance-guard
Audits HealthTech applications for HIPAA technical safeguards like encryption and audit logging. Use when reviewing healthcare infrastructure or ensuring PHI is handled according to legal security standards.
128pii-sanitizer
Detects and redacts Personally Identifiable Information (PII) like emails, phone numbers, and credit cards. Use when cleaning logs, datasets, or communications to comply with GDPR/CCPA privacy standards.
128documentation-generator
Analyzes source code to automatically generate technical documentation and architecture diagrams. Use to maintain up-to-date API references and onboarding materials for engineering teams.
127