MondooMondoo
AI Agent Security
Skill Threat IntelligenceCLIFAQ
Log inGet Assessment

AI Agent Skill Check is a free AI agent skill security scanner by Mondoo. We scan skills across ClawHub, Skills.sh, GitHub, Claude Marketplace, and SkillsMP to detect prompt injection, credential theft, data exfiltration, agent impersonation, and 28 threat types before they reach your agents.

Mondoo

  • Vulnerability Management
  • Technology
  • Services

Solutions

  • Financial Services
  • Manufacturing
  • Healthcare

Resources

  • Blog
  • Skill Check CLI
  • Documentation
  • GitHub

Company

  • About
  • Careers
  • Partners
  • Contact

Legal

  • Privacy
  • Terms
  • Imprint
MondooMondoo© 2026 Mondoo, Inc.

Skills

Browse, search, and filter AI agent skills across all registries.

SkillAI AgentsSummaryStarsInstallsFindingsRisk
skills/find-skills
vercel-labs
GitHubSkills.sh

The skill insecurely executes unpinned npx packages and forces automatic installations via the -y flag, creating significant risks of supply chain attacks and unauthorized package deployment.

24.5k2.3M4
70High
skills/frontend-design
anthropics
GitHubSkills.sh

The skill lacks transparency due to the absence of code blocks or usage examples, preventing users from verifying its functionality and security posture.

156.8k607.4k1
15Low
agent-skills/vercel-react-best-practices
vercel-labs
GitHubSkills.sh

No security issues detected in vercel-labs/agent-skills/vercel-react-best-practices.

28.6k520.8k–
0None
agent-browser/agent-browser
vercel-labs
GitHubSkills.sh

This skill facilitates remote code execution via dynamic instruction fetching, exposes sensitive session data through an insecure proxy, and employs keyword stuffing to hijack agent control for unauthorized tasks.

36.5k467.0k8
70High
agent-skills/web-design-guidelines
vercel-labs
GitHubSkills.sh

The skill insecurely fetches and executes remote instructions, enabling unauthorized third parties to dynamically override the agent's behavior and bypass safety controls.

28.5k424.9k2
70High
azure-skills/microsoft-foundry
microsoft
GitHubSkills.sh

The skill uses keyword stuffing for over-triggering, lacks defined tool constraints for sensitive operations, and references missing documentation, suggesting potential runtime execution from unverified external sources.

1.2k422.6k7
40Medium
azure-skills/azure-deploy
microsoft
GitHubSkills.sh

The skill contains multiple broken documentation links to missing external files, creating an opaque execution environment that prevents proper security evaluation of its deployment workflows.

1.2k419.4k6
15Low
skills/grill-me
mattpocock
GitHubSkills.sh

The skill lacks transparency due to missing code examples and licensing information, but it contains no malicious code or security vulnerabilities.

150.5k416.3k2
15Low
azure-skills/azure-messaging
microsoft
GitHubSkills.sh

The skill lacks sufficient documentation and code examples, preventing users from verifying its functionality and assessing potential security risks.

1.2k408.0k1
15Low
skills/remotion-best-practices
remotion-dev
GitHubSkills.sh

The skill uses unpinned dependencies, hides content via CSS, performs unauthorized network and system operations, and relies on missing external documentation, creating significant security and supply chain risks.

3.9k404.8k10
70High
azure-skills/azure-ai
microsoft
GitHubSkills.sh

The skill exhibits potential impersonation risks and relies on missing documentation files, causing silent workflow degradation and preventing transparent evaluation of its functionality.

1.2k402.6k7
40Medium
azure-skills/azure-diagnostics
microsoft
GitHubSkills.sh

The skill contains multiple broken documentation references, indicating incomplete packaging that may cause runtime failures or unexpected behavior when accessing external resources.

1.2k402.2k5
15Low
azure-skills/azure-prepare
microsoft
GitHubSkills.sh

The skill lacks defined tool constraints and relies on missing external documentation, creating an opaque execution environment that prevents proper security auditing and verification of its runtime behavior.

1.2k402.1k7
15Low
azure-skills/azure-storage
microsoft
GitHubSkills.sh

The skill contains multiple broken documentation links, indicating poor maintenance and potential runtime instability due to missing dependency references.

1.2k401.8k5
15Low
azure-skills/azure-validate
microsoft
GitHubSkills.sh

The skill lacks transparency and relies on missing external documentation, creating an opaque execution environment that prevents proper security verification of its runtime behavior.

1.2k401.5k4
15Low
azure-skills/entra-app-registration
microsoft
GitHubSkills.sh

The skill lacks transparency and contains multiple broken documentation references, leading to potential runtime failures or reliance on unverified external content.

1.2k401.4k6
15Low
azure-skills/appinsights-instrumentation
microsoft
GitHubSkills.sh

The skill lacks transparency and contains multiple broken documentation references, leading to silent runtime degradation and an inability for users to verify its intended functionality.

1.2k401.3k6
15Low
azure-skills/azure-compliance
microsoft
GitHubSkills.sh

The skill lacks transparency and references multiple missing documentation files, creating an opaque execution environment where workflows may silently degrade or fetch external content from untrusted sources.

1.2k401.3k6
15Low
azure-skills/azure-rbac
microsoft
GitHubSkills.sh

The skill lacks transparency and verifiable code documentation, preventing users from assessing its security posture or confirming it performs only intended Azure role-based access control operations.

1.2k401.3k1
15Low
azure-skills/azure-resource-lookup
microsoft
GitHubSkills.sh

The skill exhibits a potential supply chain risk by referencing external documentation that is missing from the package, which could lead to unauthorized content injection or runtime execution errors.

1.2k401.3k1
15Low
azure-skills/azure-aigateway
microsoft
GitHubSkills.sh

The skill impersonates a brand, lacks declared tool constraints, performs unauthorized network access, and relies on missing external documentation, creating significant security and transparency risks.

1.2k401.2k8
40Medium
azure-skills/azure-kusto
microsoft
GitHubSkills.sh

No security issues detected in microsoft/azure-skills/azure-kusto.

1.2k401.1k–
0None
azure-skills/azure-resource-visualizer
microsoft
GitHubSkills.sh

The skill contains broken documentation links and missing assets, leading to silent runtime degradation and a lack of transparency regarding its operational dependencies.

1.2k401.1k4
15Low
azure-skills/azure-hosted-copilot-sdk
microsoft
GitHubSkills.sh

The skill contains broken documentation links to missing reference files, causing silent workflow degradation and preventing users from verifying security and configuration practices.

1.2k391.3k6
15Low
azure-skills/azure-compute
microsoft
GitHubSkills.sh

The skill forces the agent to bypass verified security best practices and relies on missing, externally sourced workflow files, creating significant risks of instruction override and unauthorized code execution.

1.2k362.0k6
70High
azure-skills/azure-cloud-migrate
microsoft
GitHubSkills.sh

The skill lacks transparency and relies on multiple missing documentation files, creating an opaque execution environment where critical workflow logic is sourced from external, unverified locations at runtime.

1.2k352.0k6
15Low
skills/remotion-render
halt-catch-fire
GitHubSkills.sh

The skill enables arbitrary remote code execution by sending user-provided TSX to an external service and uses unpinned npx commands, creating significant risks for code injection and supply-chain attacks.

584351.6k3
40Medium
skills/ai-video-generation
halt-catch-fire
GitHubSkills.sh

The skill executes unpinned npx packages at runtime, creating a critical supply chain vulnerability that allows for the potential execution of malicious or compromised code.

584351.4k2
40Medium
runcomfy-agent-skills/nano-banana-edit
agentspace-so
GitHubSkills.sh

The skill executes unpinned and unverified npx packages at runtime, creating a significant supply chain risk by allowing arbitrary, potentially malicious code to run without integrity checks.

29351.3k2
40Medium
skills/ai-image-generation
halt-catch-fire
GitHubSkills.sh

The skill impersonates a known brand and executes unpinned npx packages at runtime, creating a significant supply chain risk by allowing arbitrary code execution from the latest npm versions.

584351.3k3
40Medium
skills/twitter-automation
halt-catch-fire
GitHubSkills.sh

The skill executes unpinned packages at runtime and routes sensitive authentication credentials through an untrusted third-party platform, creating significant risks of supply chain compromise and credential exfiltration.

584351.3k3
40Medium
runcomfy-agent-skills/flux-2-klein
agentspace-so
GitHubSkills.sh

The skill executes unpinned, unverified dependencies and lacks tool constraints, while its image processing functionality introduces risks of indirect prompt injection via adversarial visual payloads.

29350.2k4
40Medium
skills/improve-codebase-architecture
mattpocock
GitHubSkills.sh

The skill lacks defined tool constraints and mandates opaque, unverified external dependencies, creating an insecure execution chain that prevents proper security auditing and risk assessment.

150.5k342.4k5
70High
skills/grill-with-docs
mattpocock
GitHubSkills.sh

The skill insecurely invokes an external dependency without verifying its origin or permissions, creating a significant risk of supply chain attacks and unauthorized privilege escalation.

150.5k342.1k3
70High
runcomfy-agent-skills/image-edit
agentspace-so
GitHubSkills.sh

The skill lacks defined tool constraints, executes unpinned dependencies, and processes external image URLs, creating significant risks of remote code execution and indirect prompt injection.

27336.9k5
40Medium
runcomfy-agent-skills/nano-banana-2
agentspace-so
GitHubSkills.sh

The skill executes unpinned and unverified packages via npx, creating a critical supply chain vulnerability that allows for the arbitrary execution of malicious or compromised code at runtime.

27336.9k2
40Medium
skills/tdd
mattpocock
GitHubSkills.sh

The skill lacks essential documentation files and a specified license, leading to potential runtime errors and ambiguity regarding usage terms.

150.5k323.3k4
15Low
runcomfy-agent-skills/video-edit
agentspace-so
GitHubSkills.sh

The skill lacks defined tool constraints, executes unpinned and unverified dependencies, and processes external media, creating significant risks for arbitrary code execution and indirect prompt injection attacks.

27321.2k4
40Medium
runcomfy-agent-skills/image-to-video
agentspace-so
GitHubSkills.sh

The skill executes unpinned, unverified remote packages and performs unrestricted system operations while exposing users to potential adversarial prompt injection through external image processing.

27320.3k4
40Medium
runcomfy-agent-skills/gpt-image-edit
agentspace-so
GitHubSkills.sh

The skill risks supply chain compromise through unpinned npx execution and exposes the agent to indirect prompt injection by processing unverified image content from external URLs.

27319.1k4
40Medium
runcomfy-agent-skills/seedance-v2
agentspace-so
GitHubSkills.sh

The skill executes unverified, unpinned packages via npx, creating a critical supply chain vulnerability that allows for the arbitrary execution of malicious code from the npm registry.

27317.0k2
40Medium
skills/agentspace
agentspace-so
GitHubSkills.sh

The skill poses a significant security risk by exfiltrating arbitrary local files to a third-party service and executing unverified dependencies, potentially compromising user credentials and system integrity.

10305.8k5
70High
skills/to-prd
mattpocock
GitHubSkills.sh

The skill forces the execution of an unverified external command that could inject malicious configurations or hooks into the agent's environment, posing a significant security risk.

150.5k303.6k3
70High
cli/lark-drive
larksuite
GitHubSkills.sh

The skill contains multiple broken documentation references that cause silent workflow degradation and fails to specify a required license, indicating poor maintenance and lack of transparency.

15.0k302.6k6
15Low
cli/lark-whiteboard
larksuite
GitHubSkills.sh

The skill executes unverified global dependencies and relies on external, non-packaged configuration files, creating a centralized security risk through insecure, unpinned, and opaque authentication and workflow logic.

15.0k301.5k8
40Medium
cli/lark-skill-maker
larksuite
GitHubSkills.sh

The skill lacks defined tool constraints, allowing unrestricted execution of commands, file operations, and network access, which poses a significant security risk for unauthorized system interaction.

15.0k299.5k2
15Low
agent-skills/sleek-design-mobile-apps
sleekdotdesign
GitHubSkills.sh

The skill introduces supply chain risks by fetching unpinned external assets and insecurely piping API responses directly into local files, enabling potential arbitrary code injection.

432298.6k3
15Low
cli/lark-calendar
larksuite
GitHubSkills.sh

The skill documentation references multiple missing local files, causing potential runtime instability, and fails to specify a required license for usage.

15.0k296.7k6
15Low
Page 1 of 1129