Between the ClawHub malware incident (341 malicious skills, 5 of the top 7 most downloaded were malware), the Snyk audit showing 36% of skills across registries have security flaws, and the Check Point CVEs from last week, I’ve been rethinking how I install skills. Right now the workflow for most people is: find a skill on GitHub, skim the SKILL.md , copy it to your skills folder, hope for the best. There’s no sandboxing between a skill and the agent. A skill that summarizes your PRs and a skill that reads your SSH keys and POSTs them somewhere look identical at install time. I’ve been looking into a few approaches: Repello has a free scanner at repello.ai/tools/skills where you upload a zip and get a score. AgentShield from the everything-claude-code repo does a deeper scan with Opus agents running red-team/blue-team analysis. Both are useful but require you to remember to scan before installing. For my own workflow I wrote a set of regex-based checks that run automatically on any skill before I install it. 8 checks: file structure, file types, dangerous command patterns (rm -rf, pipe-to-shell, fork bombs), secrets detection, env variable harvesting, network access audit, obfuscation detection, prompt injection patterns. Not perfect but catches the obvious stuff. What are you all doing? Reading every line manually? Using a scanner? Or just trusting GitHub stars and hoping for the best? submitted by /u/BadMenFinance
Originally posted by u/BadMenFinance on r/ClaudeCode