skills-security-check
CommunityAutomated safety auditing for Skill packs.
Software Engineering#security#auditing#risk-assessment#static-analysis#supply-chain#skill#prompt-injection
AuthorTugoukezhang
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps security-audit Skill units by performing static analysis of their SKILL.md and related files to identify malicious, dangerous, or risky behavior before deployment.
Core Features & Use Cases
- Static analysis of SKILL.md and accompanying documentation to detect prompt injection, data exfiltration, and unsafe dependencies.
- Comprehensive risk assessment with clear categorizations (P0, P1, P2) and actionable mitigations for Skill creators and reviewers.
- Use Case: Teams can routinely audit new Skills added to their catalog to prevent supply-chain risks and reduce runtime attack surfaces.
Quick Start
Provide a static audit of the target skill by feeding its skill.md and related files to the auditor.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: skills-security-check Download link: https://github.com/Tugoukezhang/workbuddy-skills/archive/main.zip#skills-security-check Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.