SkillSpector: AI Security Analyzer Detects Vulnerabilities in Agent Skills with Fast Static and LLM Analysis
June 21, 2026
A risk scoring framework maps score ranges to severities and recommended actions, illustrated by examples.
SkillSpector is presented as a first-pass gate suitable for CI integration and preliminary screening of externally sourced skills.
Scans produce a risk score from 0 to 100 and a severity label (Safe, Caution, Do not install) to guide action, with recommendations for the higher severities.
SkillSpector is a security analyzer for AI agent skills that detects vulnerabilities, dangerous patterns, and security risks before installation.
LLM-powered analysis is recommended for better accuracy, with providers including OpenAI, Anthropic, NVIDIA Inference, and local options via Ollama or vLLM.
The article cites a 2026 study on agent skill vulnerabilities, provides Python API usage examples, and notes Apache 2.0 licensing.
Python API access enables embedding SkillSpector into custom tooling, using a graph-based interface to invoke scans and retrieve risk scores.
Limitations include reliance on static analysis, potential misses for non-English content or encrypted/hidden code, and the need for outbound network access for live CVE lookups; it should be used as a strong filter, not a guarantee.
Key features include multi-format input (Git repos, URLs, zip files, directories, or single files), 64 vulnerability patterns across 16 categories, fast static analysis plus optional LLM evaluation, OSV.dev live vulnerability lookups with offline fallback, and multiple output formats (terminal, JSON, Markdown, SARIF) with a 0–100 risk score.
Initial scan commands cover scanning local skill folders, single Markdown files, GitHub-hosted skills, or zipped packages, with no complex setup required for basic static scans.
SkillSpector functions as a security scanner, offering fast static analysis and optional LLM-based analysis to identify taint flows and risky patterns in skills.
Documentation covers installation, quick start, usage, output formats, LLM configuration, environment variables, CLI options, and development guidance.
Summary based on 2 sources
Sources

DEV Community • Jun 21, 2026
NVIDIA SkillSpector: Should You Scan Your AI Agent Skills Before Installing Them?