Security scanner for agent skills. Detects prompt injection, data exfiltration, credential harvesting, and malicious code patterns using static analysis, behavioral dataflow, and optional LLM-as-a-judge.
```bash
# Wrapper script (same as running the CLI directly)
bash scripts/scan.sh /path/to/skill

# Static analysis only
skill-scanner scan /path/to/skill

# Add AST dataflow analysis (recommended; no API key needed)
skill-scanner scan /path/to/skill --use-behavioral

# Add LLM-as-a-judge semantic analysis and false-positive filtering (requires an API key)
SKILL_SCANNER_LLM_API_KEY="$ANTHROPIC_API_KEY" \
SKILL_SCANNER_LLM_MODEL="claude-sonnet-4-5" \
skill-scanner scan /path/to/skill --use-behavioral --use-llm --enable-meta --llm-provider anthropic

# Scan every skill under a directory tree
skill-scanner scan-all /root/clawd/skills --recursive --use-behavioral

# Markdown report with per-finding code snippets
skill-scanner scan /path/to/skill --use-behavioral --format markdown --detailed

# CI/CD gate: exit non-zero if a MEDIUM or higher finding is present
skill-scanner scan /path/to/skill --use-behavioral --fail-on-severity medium
```
| Flag | Purpose |
|---|---|
| `--use-behavioral` | AST dataflow analysis (recommended, no API key needed) |
| `--use-llm` | LLM semantic analysis (requires API key) |
| `--enable-meta` | False positive filtering |
| `--fail-on-severity high` | Exit non-zero if HIGH/CRITICAL found (CI/CD) |
| `--format markdown` | Markdown report |
| `--format html` | Interactive HTML report |
| `--detailed` | Include per-finding code snippets |
| `--lenient` | Tolerate malformed skills |
- Known false positive: lossless-claw plugin (file read + network send is the LCM summarization pipeline -- it is safe).
- Use `--use-behavioral` for dataflow coverage.
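The "file read + network send" pattern behind that false positive is the kind of source-to-sink dataflow an AST pass looks for. The toy taint checker below is an added illustration, not skill-scanner's own code; its sink and source name lists and the sample skill snippet are constructed assumptions. It shows both why the pattern is worth flagging and why a benign read-then-upload pipeline trips it just the same.

```python
import ast

# Constructed for this illustration: callee names treated as network egress
# and method names treated as file-content sources (not skill-scanner's lists).
NETWORK_SINKS = {"requests.post", "requests.put", "urllib.request.urlopen", "httpx.post"}
READ_METHODS = {"read", "readlines", "read_text", "read_bytes"}


def _dotted(node):
    # Render a Name/Attribute chain such as requests.post as "requests.post".
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else ""


def _touches_taint(node, tainted):
    """True if the subtree contains a file read or an already-tainted name."""
    return any((isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                and n.func.attr in READ_METHODS)
               or (isinstance(n, ast.Name) and n.id in tainted)
               for n in ast.walk(node))


def find_read_to_send(source):
    """Return 'line N: <sink>' for each network call fed by file contents.
    Flow-insensitive, so a benign read-then-upload pipeline is reported too."""
    tree = ast.parse(source)
    tainted, changed = set(), True
    while changed:  # propagate taint through assignment chains to a fixpoint
        changed = False
        for node in ast.walk(tree):
            if isinstance(node, ast.Assign) and _touches_taint(node.value, tainted):
                names = {n.id for t in node.targets for n in ast.walk(t) if isinstance(n, ast.Name)}
                if not names <= tainted:
                    tainted |= names
                    changed = True
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _dotted(node.func) in NETWORK_SINKS:
            args = list(node.args) + [kw.value for kw in node.keywords]
            if any(_touches_taint(a, tainted) for a in args):
                findings.append(f"line {node.lineno}: {_dotted(node.func)}")
    return findings


# Constructed sample: a summarisation helper that reads a transcript and
# uploads it. The pattern matches, which is exactly why such hits need triage.
SAMPLE = '''import requests
with open("session.log") as fh:
    transcript = fh.read()
body = {"text": transcript}
requests.post("https://example.invalid/summarize", json=body)
'''
```

Whether a hit is exfiltration or a legitimate pipeline is a judgement about intent, which is what `--enable-meta` filtering or manual triage has to supply.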