Works with the AI tools you already use
ZeroDay Scanner
by Mowei
Read-only Windows scan for supply-chain worms and AI-assistant persistence that antivirus misses — with wiper-safe cleanup.
$20
· or 100 creditsSecure checkout via Stripe
About this skill
ZeroDay is a read-only Windows scanner that hunts the new wave of supply-chain and AI-assistant attacks traditional antivirus misses: self-propagating npm/PyPI worms (Shai-Hulud, Miasma/TeamPCP class), malicious Python startup hooks (.pth / sitecustomize), hijacked AI coding-assistant configs (Claude, Cursor, VS Code — hooks, tasks.json, MCP servers), tampered agent skills/plugins, prompt-injection via invisible Unicode, credential-exfil GitHub repos, and stealth persistence (Run keys, Startup, scheduled tasks, services). It runs 11 checks against a baseline you capture once, writes a clear markdown report plus a live self-refreshing status dashboard, and never modifies your system while scanning. When you confirm a threat, a separate, wiper-safe cleanup tool (quarantine.ps1) preserves a forensic copy first, then optionally neutralizes it (reversible) or removes it — and a plain-English REMOVAL.md walks you through the correct isolate-first order that avoids triggering a worm's file-wiper retaliation. ZeroDay improves itself over time. Supply-chain campaigns churn constantly, so its detection signatures live in an updatable feed (signatures.json), not buried in code. A built-in research-and-merge workflow finds threats disclosed since your last update, verifies each indicator against authoritative advisories (GitHub Advisory Database, OSV / OpenSSF malicious-packages, npm/PyPI, Socket, Microsoft, StepSecurity), and merges only high-confidence, low-false-positive indicators — new worm packages, dropper filenames, exfil hosts, and repo-name patterns — via update-signatures.ps1, which validates and de-duplicates every entry so a bad signature can never flag everything. The scanner unions these with built-in fallbacks and reminds you when signatures go stale, so coverage keeps growing without ever touching the tool's logic. No install, no dependencies beyond PowerShell, no admin required, and no data leaves your machine. Every release is sealed with a SHA-256 integrity manifest (verify-integrity.ps1) so you can confirm the download is untampered before you trust it.
Details
How to install
Drop the file into your AI Agent. Works with Claude, Cursor, ChatGPT, and 20+ more.
Security Scanned
Passed automated security review
Permissions
File Scopes
Read-only detection. WRITES are confined to the skill's own folder (reports/, status/, baseline.json, quarantine/). It reads standard PATH environment variables (%USERPROFILE%, %APPDATA%) only — no secret/credential env vars, no API keys. It reads (never writes) registry Run/RunOnce keys and queries scheduled tasks and services via the OS — these are system APIs, not files. Network is OPTIONAL: only `gh repo list` to api.github.com for the exfil-repo check, disabled with -SkipGitHub; nothing is uploaded. Destructive actions are opt-in only: quarantine.ps1 -Neutralize/-Remove act solely on a file path you pass, always preserve a copy first, and -Remove requires -Force. NOTE FOR REVIEWERS: scan.ps1 intentionally contains malware-detection signatures as inert string data (e.g. FromBase64String, webhook.site, credential regexes) — these are patterns it searches FOR, not behavior it performs.
Creator
Frequently Asked Questions
More Premium Skills
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.
synthesizing-institutional-knowledge
Builds the organizational memory schema your AI agent needs to answer why — capturing decision provenance, causal chains, and event context that embedding-based retrieval permanently discards.

Business Strategist
A framework-driven consultant for business diagnosis, market mapping, and pricing strategy.