skill-safety-scanner
Instructions
Use this skill to run safety scans on any Agent Skill directory before publishing. The scanner detects:
- Secrets - Hardcoded API keys, tokens, passwords, private keys
- Dangerous Code - eval(), exec(), command injection, XSS patterns
- Permissions - Required capabilities (filesystem, network, subprocess, etc.)
When to Use
- Before submitting a skill for publication
- To preview what the catalog safety scan will find
- To identify and fix security issues early
- As part of CI/CD pipelines
How to Use
Scan a skill directory:
More from skillscatalog/registry
skill-create
Create new Agent Skills from templates with best-practice structure, pre-populated SKILL.md, and optional scripts/assets directories.
185skill-installer
Install Agent Skills to your AI coding agent. Supports Claude Code, Goose, OpenCode, Cursor, and other harnesses.
9skill-validator
Validate Agent Skills against the specification. Checks SKILL.md format, frontmatter fields, naming conventions, and directory structure.
7skill-search
Search the Agent Skills Catalog to find skills by keyword, vendor, or category.
6skill-publisher
Submit Agent Skills to catalogs for publication. Validates, scans, and submits skills via the skillscatalog.ai API.
6skill-manifest-generator
Generate MANIFEST.json files for Agent Skills, providing content integrity verification, file inventory, and external reference tracking.
6