Nvidia SkillSpector · AI Automation Society

Nvidia SkillSpector

You probably didn't audit that AI agent skill before you installed it.

Most people don't. It's a GitHub link, it looks legitimate, someone recommended it in a Discord, so you clone it and run it.

Here's the problem: researchers analyzed 42,447 AI agent skills from major marketplaces and found that 26.1% contain at least one vulnerability. 5.2% show likely malicious intent.

That's not a theoretical risk. That's the actual landscape of skills being shared and installed right now.

What can a malicious skill do?

- Harvest your API keys and environment variables

- Exfiltrate your conversation context to an external server

- Execute arbitrary code on your machine

- Persist across sessions via cron jobs or startup scripts

- Poison your agent's memory to manipulate future behavior

NVIDIA just open-sourced SkillSpector — a security scanner built specifically for AI agent skills. It works across Claude Code, Codex CLI, Gemini CLI, and any other skill-based agent framework.

What it scans for:

- Prompt injection

- Data exfiltration

- Privilege escalation

- Supply chain issues (live CVE lookups via OSV.dev, no API key needed)

- MCP tool poisoning

- Memory poisoning

- Rogue agent behavior

- 64 total vulnerability patterns across 16 categories

Point it at a local directory, a GitHub URL, or a zip file. Fast static analysis first, optional LLM semantic pass to filter false positives and explain findings in plain language.

If you're building with AI agents, run this before you install a skill someone shared.

It's free, Apache 2.0, and takes about 5 minutes to set up.

Repo in the comments

2 comments