NVIDIA SkillSpector

SkillSpector is NVIDIA's open-source security scanner for AI Agent Skills — the executable skill components used by Claude Code, Codex CLI, and Gemini CLI. It vets a skill before you install it, detecting vulnerabilities and malicious patterns.

Key points

  • Why it exists — NVIDIA's research found 26.1% of skills contain vulnerabilities and 5.2% show likely malicious intent; executable scripts are ~2.12x more likely to be vulnerable. SkillSpector is the pre-install gate for that risk.
  • Detection — 64 rules across 16 categories: prompt injection, data exfiltration, privilege escalation, supply-chain risk, dangerous code execution, etc.
  • Two-stage analysis — fast static pattern matching, then optional LLM-powered semantic evaluation for intent.
  • Inputs — git repos, URLs, zip files, directories, single files.
  • Output — terminal, JSON, Markdown, SARIF; risk score 0–100 with severity labels.
  • Under the hood — Python 3.12+, LangGraph architecture; AST behavioral analysis, YARA signatures, taint tracking; live CVE lookups via OSV.dev (offline fallback); LLM providers OpenAI / Anthropic / NVIDIA.
  • License — Apache 2.0.
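
As an added example (not SkillSpector's own code or output): a minimal pre-install gate that reads a SARIF 2.1.0 report, the standard format named in the Output point above, and blocks installation when a finding reaches a chosen level. The rule ids, the file path and the helper names gate and effective_level are constructed for illustration; level resolution is simplified and ignores result kind and per-run configuration overrides.

```python
import json

# Constructed SARIF 2.1.0 sample; rule ids and paths are placeholders,
# not SkillSpector's real rule names or output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-scanner", "rules": [
            {"id": "EX-EXFIL-001", "defaultConfiguration": {"level": "error"}},
            {"id": "EX-STYLE-002"},
        ]}},
        "results": [
            # No explicit level: inherits "error" from the rule definition.
            {"ruleId": "EX-EXFIL-001", "message": {"text": "constructed finding"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "scripts/setup.sh"}}}]},
            # No level on result or rule: the SARIF default is "warning".
            {"ruleId": "EX-STYLE-002", "message": {"text": "constructed finding"}},
            {"ruleId": "EX-STYLE-002", "level": "note",
             "message": {"text": "constructed finding"}},
        ],
    }],
})

RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}


def effective_level(result, rules_by_id):
    """Resolve a result's level using the SARIF 2.1.0 defaults."""
    if "level" in result:
        return result["level"]
    rule = rules_by_id.get(result.get("ruleId"), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")


def gate(sarif_text, fail_at="error"):
    """Return (allow_install, blocking_findings) for a SARIF report."""
    blocking = []
    for run in json.loads(sarif_text).get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r for r in driver.get("rules", []) if "id" in r}
        for res in run.get("results", []):
            level = effective_level(res, rules)
            # An unrecognised level is treated as "error" (fail closed).
            if RANK.get(level, RANK["error"]) >= RANK[fail_at]:
                locs = res.get("locations") or [{}]
                uri = (locs[0].get("physicalLocation", {})
                       .get("artifactLocation", {}).get("uri", "<no location>"))
                blocking.append((res.get("ruleId"), level, uri))
    return (not blocking, blocking)
```

The first sample result carries no level of its own, so a gate that only read result.level would let it through; resolving the rule's default is what makes it block.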

Why it matters

As skills become the portable unit of agent capability (see Google AI Skills, AI Skill Distribution), the attack surface moves to the skill supply chain. SkillSpector is exactly the vetting layer the AI Skill Supply Chain Security thesis calls for, and a practical complement to the AI Skill Portability Checklist — portability and safety are two halves of trustworthy skill distribution.

About Sébastien

I'm Sébastien Dubois, and I'm on a mission to help knowledge workers escape information overload. After 20+ years in IT and seeing too many brilliant minds drowning in digital chaos, I've decided to help people build systems that actually work. Through the Knowii Community, my courses, products & services and my Website/Newsletter, I share practical and battle-tested systems.
