skill-security-scan

🥈Silver

skill-security-scan is a command-line tool designed to scan and detect security risks in Claude Skills. Before installing third-party Skills, use this tool for security review to effectively prevent malicious code from stealing data or compromising your system.

8310Updated Today

Intermediate30min to implementautomation

Saves ~30 min per use

Quick InstallView Source

git clone https://github.com/huifer/skill-security-scan.git

Works with:

Claude

Overview

About This Skill

Setup & Installation

Quick Install

No install command available. Check the GitHub repository for manual installation instructions.

Alternative Install (Git Clone)

git clone https://github.com/huifer/skill-security-scan

Requirements

Claude Code or compatible AI agent
Works with: Claude

Quick Start Guide

Install the Skill

Copy the install command above and run it in your terminal.

Open Your AI Agent

Launch Claude Code, Cursor, or your preferred AI coding agent.

Try It Out

Use the prompt template or examples below to test the skill.

Customize

Adapt the skill to your specific use case and workflow.

Usage Examples

Prompt Template

Scan the following Claude Skill for security risks: [SKILL_CODE]. Provide a detailed report including vulnerabilities, potential threats, and recommendations for remediation.

Example Output

# Security Scan Report

## Vulnerabilities Found
- **Insecure Data Handling**: The skill stores sensitive user data in plain text.
- **Unverified Inputs**: The skill accepts user inputs without validation.
- **Excessive Permissions**: The skill requests more permissions than necessary.

## Potential Threats
- **Data Leakage**: Sensitive information could be exposed.
- **Code Injection**: Malicious code could be executed.

## Recommendations
- Implement data encryption for sensitive information.
- Validate all user inputs to prevent injection attacks.
- Request only necessary permissions.