About the Index
The Skills Security Index is a centralized
repository providing security risk analysis for agentic AI skill
definitions. As AI agents increasingly rely on modular skills to
perform tasks, the instructions used to define these skills
become a critical attack surface. This index helps security
engineers and developers understand the potential "blast radius"
of any given skill before deployment.
Inside the Lab
Each entry in the index represents a unique skill found across
major platform registries in GitHub. We perform a
deep scan of the skill's identity, its instructions, and
associated code to build a comprehensive security profile.
Assessment Method
Analyses are performed against a standardized security schema
and focuse on instructional risk. Such as identifying
when a skill's prompts encourage an agent to bypass guardrails
or perform sensitive operations without oversight.
Risk Ranking Framework
Risk is calculated dynamically across three dimensions. A skill
is assigned the highest (most severe) level
detected among:
-
Pass: No significant risks detected in
instructions or tools.
-
Low: Minor capability risk with appropriate
scoping context.
-
Medium: Potentially risky tool use or
instructions that lack clear restrictions.
-
High: Direct instructions for sensitive
operations (e.g., broad file system write or unencrypted
network use).
-
Critical: Encouragement of malicious actions,
data exfiltration, or explicit bypasses.
Capabilities
We classify instructions into several buckets: Tools, Code
Execution, Web Access, File System, Data Access, Authentication,
Network, and System. "Detected" means the skill explicitly
encourages the agent to utilize these modalities.
Findings
Findings report specific deviations from security best
practices, such as Prompt Injection vulnerabilities,
Credential Exposure, or Excessive Permissions.
Permissions
Permissions are the underlying resource requests implied by the
skill. We evaluate whether each request is justified by the
skill's stated purpose.
