🛡️ Skill Injection Scanner
$15
Scan a SKILL.md package for prompt injection and secret exfiltration before you install or publish an agent skill. Flags env-variable-to-URL exfiltration wording, conditional triggers with hidden side effects, imperative instructions buried in HTML comments, zero-width characters, base64 and long-token blobs, remote content treated as instructions, pipe-to-shell and recursive force-delete references, and overbroad tool requests (network plus browser plus file-write with no scope).
1
securityauditprompt-injection+2