skill-firewall
Supply-chain firewall for AI agent skills — scan SKILL.md for prompt injection before your agent reads it
Summary
- This skill acts as a supply-chain firewall for AI agent skills by scanning SKILL.md files for prompt injection attacks before your agent reads them.
- It helps developers protect their AI agents from malicious or unintended instructions embedded in third-party skill definitions.
Install & Usage
1. Create the agents directory: mkdir -p .claude/agents
2. Add the configuration to .claude/agents/skill-firewall.md
3. Invoke it in Claude Code with @skill-firewall
Use Cases
Usage Examples
/skill-firewall scan path/to/skill/SKILL.md
/skill-firewall check --dir ./skills
Run a prompt injection scan on the skill file I just downloaded.
Security Audits
Frequently Asked Questions
What is skill-firewall?
This skill acts as a supply-chain firewall for AI agent skills by scanning SKILL.md files for prompt injection attacks before your agent reads them. It helps developers protect their AI agents from malicious or unintended instructions embedded in third-party skill definitions.
How to install skill-firewall?
To install skill-firewall: create the agents directory (mkdir -p .claude/agents), then add the config to .claude/agents/skill-firewall.md. Finally, invoke @skill-firewall in Claude Code.
What is skill-firewall best for?
skill-firewall is an agent categorized under General. It is designed for: agent. Created by hotsa104.
What can I use skill-firewall for?
skill-firewall is useful for:
- Scanning a newly downloaded community skill for prompt injection before integrating it into your agent.
- Automatically checking all skills in a project directory for suspicious patterns during CI/CD pipeline runs.
- Validating a custom SKILL.md file you wrote to ensure it doesn't contain accidental injection vectors.
- Auditing a skill repository for prompt injection vulnerabilities before sharing it with your team.
- Integrating into a pre-commit hook to prevent committing skills with injection risks.
- Quickly inspecting a skill file from an untrusted source before loading it into Claude Code.