GitHub – NVIDIA/SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.


SkillSpector by NVIDIA: A Practical Security Check for AI Agent Skills

If you’ve been experimenting with AI agent tools lately, you’ve probably noticed how quickly these “skills” can start to feel like plug-ins for your workflow. Handy, yes. But also a little unsettling. That’s exactly where SkillSpector comes in.

Available here: https://github.com/nvidia/skillspector

SkillSpector is NVIDIA’s open source security scanner for AI agent skills, built to spot vulnerabilities, malicious patterns, and other security risks before you install anything. And that timing matters. AI agent skills used by tools like Claude Code, Codex CLI, and Gemini CLI often run with implicit trust, which means they can do a surprising amount of damage if something shady slips through. A recent study cited by the project found that 26.1% of skills contain vulnerabilities, while 5.2% show likely malicious intent. That’s not a tiny edge case. That’s a real problem.

What I like about this project is that it doesn’t treat security like an afterthought. SkillSpector uses a two-stage detection pipeline. First, it looks for suspicious patterns with an LLM prompt that includes anti-jailbreak protections, so malicious skills can’t easily trick the scanner itself. Then it checks dependencies against the OSV.dev API, pulling from a huge vulnerability database across PyPI and npm. That’s the kind of layered approach you’d hope for when you’re trusting software to inspect other software… because one lock on the door usually isn’t enough.

It also detects 64 vulnerability patterns across 16 categories, which gives it a pretty broad safety net. One caveat: if outbound HTTPS access to api.osv.dev isn't available, the tool falls back to a static list, so live checking is always the better option.
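To make the dependency stage concrete, here is an added example (my own code, not SkillSpector's) that parses a skill's pinned PyPI requirements, builds the OSV.dev `/v1/query` request for each one, and falls back to a static list when api.osv.dev cannot be reached; the fallback entries and package names are constructed.

```python
"""Added example (not SkillSpector's own code): the dependency stage of a skill
scan as the post describes it. Pinned PyPI requirements are parsed, turned into
OSV.dev /v1/query requests, and checked against a static list instead when
api.osv.dev is unreachable. The fallback entries below are constructed."""
import json
import re
import urllib.request

OSV_QUERY_URL = "https://api.osv.dev/v1/query"

# Constructed fallback: (ecosystem, package, version) -> advisory ids.
# A real deployment would ship a vetted, dated snapshot here.
STATIC_FALLBACK = {("PyPI", "examplelib", "1.0.0"): ["EXAMPLE-2024-0001"]}

# Exact pins only ("name==version"); ranges cannot be checked for one version.
PIN_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*==\s*([^\s;#]+)")


def parse_pins(requirements_text):
    """Return (name, version) pairs for the exact pins in a requirements.txt."""
    matches = (PIN_RE.match(line) for line in requirements_text.splitlines())
    return [(m.group(1).lower(), m.group(2)) for m in matches if m]


def build_osv_query(name, version, ecosystem="PyPI"):
    """Request body for POST /v1/query, in the shape OSV.dev documents."""
    return {"version": version, "package": {"name": name, "ecosystem": ecosystem}}


def query_osv(body):
    """Live lookup. Network errors propagate so the caller can fall back."""
    req = urllib.request.Request(OSV_QUERY_URL, data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def check_dependencies(requirements_text, query=query_osv):
    """Map each vulnerable pin to its advisory ids; report which source answered."""
    findings, source = {}, "osv.dev"
    for name, version in parse_pins(requirements_text):
        try:
            ids = [v["id"] for v in query(build_osv_query(name, version)).get("vulns", [])]
        except OSError:  # URLError and socket timeouts are OSError subclasses
            source = "static-fallback"
            ids = STATIC_FALLBACK.get(("PyPI", name, version), [])
        if ids:
            findings[name] = ids
    return findings, source
```

Because the `query` callable is injectable, the same scan logic can be exercised offline with a canned OSV response, and the returned `source` tells you whether a clean result came from live data or only from the snapshot.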

SkillSpector is released under the Apache License 2.0, and contributions are welcome. If you’re working with AI agent skills, this is one of those tools that can quietly save you from a bad install, or at least make you pause and ask the right question: should this really be trusted?
