NEWSkillSec — elevating AI Skills security from malware detection to capability auditingSkillSecLearn more →
Home/Products/SkillSec
SkillSec · Intelligence

SkillSec

AI Skill security intelligence platform

Elevate Skill security from 'malware detection' to 'capability auditing'

Not just whether it's malicious, but which approval-worthy capabilities it grants an Agent once enabled. Powered by the CleanSource skills v2 audit engine.

NEW
SKILL.md · evidence chain
L12 · installs external depE3 review
L27 · uses enterprise API keyE4 block
L41 · write op / accountE4 block
L58 · local read-only parseE1 pass
blockneed_reviewpass
7
Risk domains
30+
Structured tags
E1–E5
Evidence grading
3-tier
Verdicts

A fully transparent Skill that does exactly what it says can still send material outbound, use an enterprise key to reach third parties, or write to systems. It isn't malicious — yet it can cross the enterprise admission boundary

Skills · evidence chain · capability auditSKILLSEC
Capabilities

Answer the question enterprises should actually ask

From 'is it malicious' to 'what will it gain, reach, and change once enabled'.

01

Capability-first 3-tier verdict

Not binary safe / malicious, but block / need_review / pass — separating legitimate-but-high-impact from confirmed-malicious.

02

Seven risk domains, structured tags

Covers input visibility, instruction & runtime execution, Agent permission & identity, data & memory, asset cost & real-world actions, abuse evasion, and supply-chain ecosystem.

03

E1–E5 reachability evidence

Doesn't block on keywords — grades by evidence strength, from mention-level, to commands and config, to executable chains, to runtime persistence.

04

Version-level poisoning intel

Extracts dependency candidates from build files and even natural-language install intent, matched at version level against poisoning intelligence.

05

Line-level
evidence chains

Every verdict carries evidence pinpointed to the SKILL.md line plus a disposition — auditable and reviewable, never keyword-hit-equals-verdict.

06

CI/CD & marketplace admission gates

Three-tier verdicts embed into CI/CD and Skill-marketplace admission; export JSON to SCA/SBOM, IAM/DLP, SIEM/SOAR, and ticketing.

Audit · AI Skill

AI Skill audit

Parses a Skill's manifest and implementation to reconstruct its true capability boundary — files, network, shell exec, secret access — and flags high-risk capabilities.

Capability recovery

Extracts real permissions from SKILL.md and code.

Over-reach visible

Detects hidden capabilities beyond what's declared.

High-risk flags

Shell exec, secret reads and the like get priority alerts.

file.readread filesnet.fetchnetworkshell.execshell exec · risky!env.secretread secrets · risky!SKILL.mdmanifest
dependency source · registryrequests2.31urllib32.0reqursts9.9!pyyaml6.0poisoned · typosquatreqursts → requests ?blocked & alerted
Supply chain · poisoning

Dependency poisoning detection

Compares dependency provenance and naming to catch typosquats, hijacked versions, and malicious injection — blocking and alerting on a hit.

Typosquat detection

Catches look-alike package names.

Provenance check

Verifies publisher and version integrity.

Instant block

Alerts and blocks the moment it matches.

Pipeline

A three-stage audit
modular by design

A Skills-for-Skills approach makes the audit flow itself dynamically loadable and extensible.

01

Admission filtering

Baseline static scanning rules out obviously malicious samples — the part legacy SAST/SCA already covers.

02

Semantic consistency

Aligns the SKILL.md natural-language description with actual code behavior to catch says-one-thing-does-another.

03

Capability & combination

Structured tags and evidence grading assess a single Skill, and detect attack chains emerging from multi-Skill collaboration.

Integrations

Turn verdicts into executable governance

SCA / SBOMIAM / DLPSIEM / SOARTicketingCI/CD gatesMarketplace admission
More / Products

Explore the full product suite

Get Started

Every enabled Skill —
seen clearly, and governed

Book a demo and see how SkillSec builds an admission-grade security intelligence line for your AI Agents.