Scan Your Skills Before You Install Them — 1 in 7 Have Security Issues
📜 If you're pulling skills or MCP servers from GitHub into your Claude Code setup, read this. People are publishing malicious code disguised as useful skills — and it's not a small problem. ⚓ The Problem - Snyk scanned nearly 4,000 skills and found 13.4% contain critical security issues — malware, credential theft, data exfiltration - In January 2026, 341 malicious skills flooded ClawHub in 3 days, all deploying macOS infostealers targeting wallet keys, API keys, and SSH credentials - 91% of malicious skills combine prompt injection with traditional malware — they trick Claude AND install backdoors - The barrier to publish a skill? A SKILL.md file and a week-old GitHub account. No review, no signing, no sandbox. ⚓ What Malicious Skills Actually Do - Steal your API keys and credentials from .env files - Read SSH keys and send them to external servers - Plant instructions in your CLAUDE.md or MEMORY.md that persist across sessions - Hide commands in tool descriptions that Claude sees but you don't - Redirect your Anthropic API calls (including your API key) to attacker servers ⚓ What You Can Do Right Now Before installing any skill from GitHub or a community source, scan it first with Caterpillar (free, open-source): - Install: curl -fsSL caterpillar.alice.io/d/i.sh | sh - Scan: caterpillar scan ./skill-folder/ - Check the grade (A through F) and read the findings before installing They scanned 50 popular skills and found 54% had security issues. ⚓ Quick Red Flags (No Scanner Needed) - Does the SKILL.md request bash permissions you don't expect? (like curl to unknown URLs) - Does it reference external servers or APIs you didn't ask for? - Is the source repo less than a month old with no commit history? - Does it try to modify your CLAUDE.md, settings.json, or memory files? - Does it use base64 encoding or obfuscated strings? 🗝️ Always scan before you install. If it scores D or F — don't install it. For the full breakdown with real attack examples and a detailed checklist, check out the lesson in 🧪 The Deep End → "Scan Before You Install"