Agent Skills Guard is a desktop application that provides security scanning and visual management for Agent Skills. It benefits operations teams by ensuring the safety and organization of skills, similar to an app store. The tool connects to Claude Code and helps manage skills within the skill marketplace.
git clone https://github.com/brucevanfdm/agent-skills-guard.git
1. Install the Agent Skills Guard desktop application from the official marketplace. Ensure you have the latest version (v1.2.3 or higher) for full security rule coverage.
   - Tip: Check for updates monthly, as new security risks are added regularly. Enable automatic updates in the app settings.
2. Connect Agent Skills Guard to your Claude Code environment. In the app, go to Settings > Connections and authorize access to your local skill files.
   - Tip: Use the 'Test Connection' button to verify the connection works before running scans. Ensure your skills are in the default Claude Code workspace.
3. Run a security scan on your target skill. Select the skill from the dropdown menu or enter the path to the skill directory manually.
   - Tip: For large skills, use the 'Quick Scan' option first to identify critical issues before running a full scan. Quick scans take 2-3 minutes vs 10-15 for full scans.
4. Review the generated report in the 'Results' tab. Address high-priority issues first, then medium and low-priority items.
   - Tip: Use the 'Export Report' button to share findings with your team. The report includes code snippets and line numbers for easy reference.
5. Re-scan after implementing fixes to ensure compliance. Use the 'Compare Scans' feature to track progress on remediation efforts.
   - Tip: Save scan configurations for recurring checks. Create named configurations for different skill types (e.g., 'Chatbot Security', 'Data Processing Rules').
1. Copy the install command and run it in your terminal: `git clone https://github.com/brucevanfdm/agent-skills-guard`
2. Launch Claude Code, Cursor, or your preferred AI coding agent.
3. Use the prompt template or the example below to test the skill.
4. Adapt the skill to your specific use case and workflow.
Scan the [SKILL_NAME] for security vulnerabilities and organization issues using Agent Skills Guard. Check for: 1) [SPECIFIC_RISK_TYPE] risks, 2) compliance with [COMPANY_POLICY], and 3) proper categorization under [SKILL_CATEGORY]. Generate a report with actionable recommendations for remediation.
## Agent Skills Guard Scan Report: 'Customer Support Chatbot v2.1'
**Security Findings:**
- ⚠️ **High Risk:** Unsanitized user input in `handle_message()` function allows potential SQL injection. Line 42 in `chatbot.py` uses direct string concatenation: `query = "SELECT * FROM messages WHERE user_id = " + user_input`.
- ✅ **Medium Risk:** API key for external service 'SentimentAnalyzer' is hardcoded in `config.py` (line 17). Recommend using environment variables.
- ✅ **Low Risk:** No rate limiting implemented for the `/chat` endpoint. Consider adding 10 requests/minute limit to prevent abuse.
**Organization Findings:**
- ⚠️ **Issue:** Skill description exceeds 200 characters and contains promotional language ('best in class'). Reword to: 'AI-powered customer support chatbot with sentiment analysis and knowledge base integration.'
- ✅ **Compliant:** Properly categorized under 'Customer Service' with tags ['chatbot', 'support'].
- ⚠️ **Suggestion:** Missing 'privacy_policy_url' field in skill.json. Add link to your company's privacy policy.
**Recommendations:**
1. Refactor `handle_message()` to use parameterized queries. Example fix: `query = "SELECT * FROM messages WHERE user_id = ?"` with `cursor.execute(query, (user_input,))`
2. Move `SENTIMENT_API_KEY` to `.env` file and update `.gitignore` to exclude it.
3. Add rate limiting middleware in your web framework (Flask example: `@limiter.limit("10/minute")`).
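The three recommendations above, worked through in Python as an added example (this is not the chatbot's real code, which is not on this page, and not output of Agent Skills Guard): the `messages` table, the sample rows and the `SENTIMENT_API_KEY` handling are constructed stand-ins, and the sliding-window limiter is a plain in-memory illustration of a "10 requests/minute" rule rather than a particular framework's middleware. The flagged concatenation is kept beside its parameterized replacement so the difference in behaviour on a non-numeric `user_id` is visible.

```python
import os
import sqlite3
from collections import defaultdict, deque


def make_message_db():
    """Constructed in-memory stand-in for the chatbot's message table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE messages (id INTEGER PRIMARY KEY, user_id INTEGER, body TEXT)"
    )
    conn.executemany(
        "INSERT INTO messages (user_id, body) VALUES (?, ?)",
        [(1, "hello"), (1, "where is my order?"), (2, "thanks")],
    )
    conn.commit()
    return conn


def handle_message_before(conn, user_input):
    """The pattern the report flags: user input concatenated straight into SQL.
    Whatever the caller passes becomes part of the statement text."""
    query = "SELECT body FROM messages WHERE user_id = " + user_input + " ORDER BY id"
    return [row[0] for row in conn.execute(query)]


def handle_message_after(conn, user_input):
    """Recommendation 1: a parameterized query. The driver binds user_input as a
    value; it is compared against the column and is never parsed as SQL."""
    query = "SELECT body FROM messages WHERE user_id = ? ORDER BY id"
    return [row[0] for row in conn.execute(query, (user_input,))]


def load_sentiment_api_key(env=None):
    """Recommendation 2: read the key from the environment instead of config.py.
    Failing loudly when it is missing beats silently falling back to a literal.
    `env` defaults to os.environ; a dict can be passed in for testing."""
    if env is None:
        env = os.environ
    key = env.get("SENTIMENT_API_KEY")
    if not key:
        raise RuntimeError("SENTIMENT_API_KEY is not set; refusing to start")
    return key


class RateLimiter:
    """Recommendation 3: sliding-window limiter, default 10 requests per minute
    per client. The current time is passed in explicitly so the behaviour is
    deterministic and testable; a real middleware would use time.monotonic()."""

    def __init__(self, limit=10, window_seconds=60):
        self.limit = limit
        self.window = window_seconds
        self._hits = defaultdict(deque)  # client_id -> timestamps inside the window

    def allow(self, client_id, now):
        hits = self._hits[client_id]
        # Drop timestamps that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            return False
        hits.append(now)
        return True
```

In the parameterized version a `user_id` such as `"1"` still matches (SQLite applies the column's numeric affinity to the bound text), while a value that is not a valid number simply matches no rows; in the concatenated version the same value is spliced into the statement and changes what it means. The limiter keeps only timestamps inside the window, so memory per client is bounded by `limit`.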
**Next Steps:**
- Address high-risk issues before publishing to the marketplace.
- Submit updated skill.json with corrected metadata.
- Schedule re-scan after implementing fixes to verify compliance.
*Note: This scan was performed on 2024-05-15 using Agent Skills Guard v1.2.3 with default security rules.*