Security research / authorized testing · Python

NVIDIA/SkillSpector

Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.

Growth chart #36 · GitHub / README reviewed
Growth rank: #36 (Fast Growth Top 100)
Stars this period: 33 (as shown on the OSSInsight page)
Forks: 3 (ranking record)
Fork / Star: 9.1% (community reuse intensity)

Project overview

Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks. Key README sections include: SkillSpector, Overview, Documentation, Features, Quick Start.

README / GitHub highlights

  • GitHub description: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
  • SkillSpector helps you answer: "Is this skill safe to install?"
  • Development guide — Architecture, package layout, and how to extend the analyzer pipeline.
  • Pi extension — Install SkillSpector as a Pi tool for scanning skills from inside agent sessions.

Use cases

Suited to evaluating AI applications, agent workflows, model toolchains, RAG/prompt engineering, or AI-assisted development scenarios.

Pre-adoption checks

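Before adopting, you still need to check the license, maintenance cadence, issue quality, release history, and the cost of adapting it for production.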

README summary

Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks before installing agent skills. AI agent skills (used by Claude Code, Codex CLI, Gemini CLI, etc.) execute with implicit trust and minimal vetting. Research shows that 26.1% of skills contain vulnerabilities and 5.2% show likely malicious intent. SkillSpector helps you answer: "Is this skill safe to install?" Development guide — Architecture, package layout, and how to extend the analyzer pipeline. Pi extension…