skill-safety-scanner
Installation
SKILL.md
Instructions
Use this skill to run safety scans on any Agent Skill directory before publishing. The scanner detects:
- Secrets - Hardcoded API keys, tokens, passwords, private keys
- Dangerous Code - eval(), exec(), command injection, XSS patterns
- Permissions - Required capabilities (filesystem, network, subprocess, etc.)
When to Use
- Before submitting a skill for publication
- To preview what the catalog safety scan will find
- To identify and fix security issues early
- As part of CI/CD pipelines
How to Use
Scan a skill directory: