by NVIDIA · Agent Tool · ★ 12.4k
SkillSpector Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks before installing agent skills. Overview AI agent skills (used by Claude Code, Codex CLI, Gemini CLI, etc.) execute with implicit trust and minimal vetting. Research shows that 26.1% of skills contain vulnerabilities and 5.2% show likely malicious intent. SkillSpector helps you answer: "Is this skill safe to install?" Documentation Development guide — Architecture, package layout, and how to extend the analyzer pipeline.
| Stars | 12,426 |
| Forks | 1,024 |
| Language | Python |
| Category | Agent Tool |
| License | Apache-2.0 |
| Quality Score | 73.3362255079436/100 |
| Open Issues | 88 |
| Last Updated | 2026-07-07 |
| Created | 2026-03-21 |
| Platforms | cli, python |
| Est. Tokens | ~18k |
These tools work well together with SkillSpector for enhanced workflows:
Explore other popular agent tool tools:
SkillSpector is Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.. It is categorized as a Agent Tool with 12.4k GitHub stars.
SkillSpector is primarily written in Python.
You can find installation instructions and usage details in the SkillSpector GitHub repository at github.com/NVIDIA/SkillSpector. The project has 12.4k stars and 1024 forks, indicating an active community.
SkillSpector is released under the Apache-2.0 license, making it free to use and modify according to the license terms.