{"skill":{"slug":"audit-skills-security","displayName":"Audit Skills Security","summary":"Use when installing new skills, reviewing third-party skills, or verifying skill safety before use. Triggers on any new .md skill file appearing in skill dir...","tags":{"latest":"0.1.0"},"stats":{"comments":0,"downloads":122,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1774006615632,"updatedAt":1774008722124},"latestVersion":{"version":"0.1.0","createdAt":1774006615632,"changelog":"audit-skills-security 0.1.0 – Initial skill release for automated skill security auditing\n\n- Provides a structured skill security audit workflow triggered by new skill files or user requests.\n- Scans and analyzes skills for prompt injection, data exfiltration, privilege escalation, obfuscation, and persistence attacks.\n- Combines deterministic Grep scanning for known dangerous patterns with LLM-based semantic analysis across six dimensions.\n- Outputs a detailed and standardized audit report including rating, evidence lists, and actionable recommendations.\n- Includes strict protocol to prevent audit manipulation via prompt injection.\n- Adds a built-in disclaimer outlining tool limitations and advising human review for high-risk scenarios.","license":"MIT-0"},"metadata":null,"owner":{"handle":"yhy0","userId":"s172p34p6emz34m9wrf8241gp983hjhz","displayName":"yhy","image":"https://avatars.githubusercontent.com/u/31311038?v=4"},"moderation":{"isSuspicious":true,"isMalwareBlocked":false,"verdict":"suspicious","reasonCodes":["suspicious.prompt_injection_instructions"],"summary":"Detected: suspicious.prompt_injection_instructions","engineVersion":"v2.2.0","updatedAt":1774008722124}}