Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

sekiro009/SkillSentry

Name: SkillSentry
Author: sekiro009

/SKILL.md

npx skillsauth add sekiro009/skillsentry SkillSentry

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

SkillSentry

Scans AI skill files for malicious patterns before you install them.

When to Use

Run SkillSentry before installing any third-party skill:

A skill shared on a forum, Discord, or group chat
A skill from a GitHub repo you don't fully trust
A skill from a colleague whose code you haven't reviewed
Any .md file that will be added to your agent's skills directory

When NOT to Use

Skills you wrote yourself from scratch
Official skills from github.com/anthropics/claude-code
Skills already installed and running without issues (no retroactive benefit)

Prerequisites

Python 3.8 or newer — no additional packages required
Script location: .agent/skills/skill-auditor/scripts/audit_skill.py

Usage

Quick audit — single file

"Audit this skill before I install it: path/to/SKILL.md"

Claude will run:

python .agent\skills\skill-auditor\scripts\audit_skill.py path\to\SKILL.md

Slash command

/skillsentry path/to/SKILL.md
/skillsentry --all

Audit your entire skills library

"Kiểm tra toàn bộ skills hiện tại"

Runs:

python .agent\skills\skill-auditor\scripts\audit_skill.py --all

With real-time alerts

# Discord
python audit_skill.py --all --discord "https://discord.com/api/webhooks/..."

# Telegram
python audit_skill.py --all --telegram "BOT_TOKEN:CHAT_ID"

Save JSON report

python audit_skill.py SKILL.md --json > report.json

What It Detects (9 Layers)

| Layer | What | Examples | |-------|------|----------| | 1 | Behavior Chains | read .env → upload → delete | | 2 | Unicode Evasion | homoglyphs, zero-width, RTLO | | 3 | Obfuscation | Base64, ROT13, XOR, chr() concat, split keywords | | 4 | Prompt Injection | DAN, delimiter hijack, instruction override | | 5 | Cloud SSRF | AWS metadata (169.254.169.254), GCP, Azure | | 6 | Persistence | cron jobs, startup scripts, git hooks | | 7 | Package Poisoning | custom pip/npm registry, typosquatting | | 8 | Clipboard Harvest | pbpaste, Get-Clipboard, pyperclip | | 9 | Time Bombs | date-conditional execution |

Risk Score

100 = Fully safe
 80+ ✅ Safe
 60+ ⚠️  Low risk — review flagged items
 40+ 🟠 Medium risk — do not install without review
 20+ 🔴 High risk — very likely malicious
  0  🚨 Critical — do not install

Custom Rules

Add rules to resources/rules.yaml:

rules:
  - id: my_rule
    pattern: 'dangerous_regex_here'
    severity: critical      # critical | high | medium | low
    category: exfiltration  # any label
    description: What this detects
    weight: 50              # subtracted from score when matched
    enabled: true

25 built-in rules included. See resources/rules.yaml for full list.

Trust Policy

| Source | Trust | Action | |--------|-------|--------| | github.com/anthropics/* | ✅ | Install directly | | Your own code | ✅ | Install directly | | Known GitHub authors | ⚠️ | Audit first | | Forums, chats, DMs | ⚠️ | Full audit required | | Score < 40 | 🚫 | Do not install |

If a Skill Fails

Do not run any command from that file
Delete the file immediately
Rotate any API keys if the skill was previously installed
Report the file to the source (GitHub issue, forum thread)

sekiro009/SkillSentry

/SKILL.md

Kiểm tra bảo mật cho tất cả AI skills/plugins trước khi sử dụng. Phát hiện lệnh ẩn, exfiltration, mã hoá Base64, ký tự Unicode nguy hiểm, và behavior chain độc hại. Dùng khi cài skill mới, muốn audit toàn bộ skill library, hoặc kiểm tra file .md nghi ngờ.

tools

Updated Apr 15, 2026

$ install --global

skillsauth

npx skillsauth add sekiro009/skillsentry SkillSentry

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Apr 15, 2026, 6:11 AM8.0s6 files scanned

SKILL.md

name:: SkillSentry
description:: Kiểm tra bảo mật cho tất cả AI skills/plugins trước khi sử dụng. Phát hiện lệnh ẩn, exfiltration, mã hoá Base64, ký tự Unicode nguy hiểm, và behavior chain độc hại. Dùng khi cài skill mới, muốn audit toàn bộ skill library, hoặc kiểm tra file .md nghi ngờ.
source:: internal
version:: 2.1.0

SkillSentry

Scans AI skill files for malicious patterns before you install them.

When to Use

Run SkillSentry before installing any third-party skill:

A skill shared on a forum, Discord, or group chat
A skill from a GitHub repo you don't fully trust
A skill from a colleague whose code you haven't reviewed
Any .md file that will be added to your agent's skills directory

When NOT to Use

Skills you wrote yourself from scratch
Official skills from github.com/anthropics/claude-code
Skills already installed and running without issues (no retroactive benefit)

Prerequisites

Python 3.8 or newer — no additional packages required
Script location: .agent/skills/skill-auditor/scripts/audit_skill.py

Usage

Quick audit — single file

"Audit this skill before I install it: path/to/SKILL.md"

Claude will run:

python .agent\skills\skill-auditor\scripts\audit_skill.py path\to\SKILL.md

Slash command

/skillsentry path/to/SKILL.md
/skillsentry --all

Audit your entire skills library

"Kiểm tra toàn bộ skills hiện tại"

Runs:

python .agent\skills\skill-auditor\scripts\audit_skill.py --all

With real-time alerts

# Discord
python audit_skill.py --all --discord "https://discord.com/api/webhooks/..."

# Telegram
python audit_skill.py --all --telegram "BOT_TOKEN:CHAT_ID"

Save JSON report

python audit_skill.py SKILL.md --json > report.json

What It Detects (9 Layers)

Risk Score

100 = Fully safe
 80+ ✅ Safe
 60+ ⚠️  Low risk — review flagged items
 40+ 🟠 Medium risk — do not install without review
 20+ 🔴 High risk — very likely malicious
  0  🚨 Critical — do not install

Custom Rules

Add rules to resources/rules.yaml:

rules:
  - id: my_rule
    pattern: 'dangerous_regex_here'
    severity: critical      # critical | high | medium | low
    category: exfiltration  # any label
    description: What this detects
    weight: 50              # subtracted from score when matched
    enabled: true

25 built-in rules included. See resources/rules.yaml for full list.

Trust Policy

If a Skill Fails

Do not run any command from that file
Delete the file immediately
Rotate any API keys if the skill was previously installed
Report the file to the source (GitHub issue, forum thread)

Related Skills

openclaw/taskflow

tools

VerifiedTrustedCommunity

Use when work should span one or more detached tasks but still behave like one job with a single owner context. TaskFlow is the durable flow substrate under authoring layers like Lobster, ACPX, plugins, or plain code. Keep conditional logic in the caller; use TaskFlow for flow identity, child-task linkage, waiting state, revision-checked mutations, and user-facing emergence.

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/extensions/lobster

tools

VerifiedTrustedCommunity

# Lobster Lobster executes multi-step workflows with approval checkpoints. Use it when: - User wants a repeatable automation (triage, monitor, sync) - Actions need human approval before executing (send, post, delete) - Multiple tool calls should run as one deterministic operation ## When to use Lobster | User intent | Use Lobster? | | ------------------------------------------------------ | --------------------------

357,764SKILL.mdUpdated Apr 10, 2026

openclaw/extensions/lobster

steipete/extensions/lobster

tools

VerifiedTrustedCommunity

357,588SKILL.mdUpdated Apr 13, 2026

steipete/extensions/lobster

steipete/xurl

tools

VerifiedTrustedCommunity

A CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.

356,423SKILL.mdUpdated Apr 13, 2026

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/sekiro009/skillsentry.git

# Copy into Claude Code skills folder (global)
cp -r skillsentry/ ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

sekiro009/skillsentry

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT