skills-analyzer.socket.agency

Q: How to install skills-analyzer.socket.agency?

Create the skills directory: mkdir -p .claude/skills. Then run: mkdir -p .claude/skills && curl -o .claude/skills/skills-analyzer-socket-agency.md https://raw.githubusercontent.com/socket-agency/skills-analyzer.socket.agency/main/SKILL.md. Finally, /skills-analyzer-socket-agency in Claude Code.

Q: What is skills-analyzer.socket.agency best for?

skills-analyzer.socket.agency is categorized under General. It covers: security, api, agent.

New

GitHub TrendingGeneralby socket-agency

Static security analyzer for AI agent instruction artifacts (SKILL.md / AGENTS.md / CLAUDE.md): detects prompt injection, command execution, data exfiltration, obfuscation & supply-chain risk. FastAPI + React app with JSON/SARIF reports.

Summary

md) for security risks including prompt injection, command execution, data exfiltration, obfuscation, and supply-chain vulnerabilities.

It provides a FastAPI backend with a React frontend, outputting detailed JSON or SARIF reports to help developers harden their agent configurations.

Install & Usage

Create the skills directory

mkdir -p .claude/skills

Download the skill file

mkdir -p .claude/skills && curl -o .claude/skills/skills-analyzer-socket-agency.md https://raw.githubusercontent.com/socket-agency/skills-analyzer.socket.agency/main/SKILL.md

Invoke in Claude Code

/skills-analyzer-socket-agency

Use Cases

Scan a SKILL.md file for prompt injection patterns before deploying an AI agent.

Audit AGENTS.md for command execution risks that could allow unauthorized system access.

Check CLAUDE.md for obfuscated instructions that might hide malicious behavior.

Generate a SARIF report of security findings for integration into CI/CD pipelines.

Review third-party agent skill files for supply-chain risks before importing them.

Validate that agent instructions do not contain data exfiltration attempts via encoded payloads.

Usage Examples

/skills-analyzer-socket-agency scan path/to/SKILL.md

/skills-analyzer-socket-agency analyze --format sarif path/to/AGENTS.md

Analyze the CLAUDE.md in the current directory for security vulnerabilities.

View source on GitHub

securityapiagent

Security Audits

LicenseUnknownSourceWarnRepositoryPass

Frequently Asked Questions

What is skills-analyzer.socket.agency?

This skill statically analyzes AI agent instruction artifacts (SKILL.md, AGENTS.md, CLAUDE.md) for security risks including prompt injection, command execution, data exfiltration, obfuscation, and supply-chain vulnerabilities. It provides a FastAPI backend with a React frontend, outputting detailed JSON or SARIF reports to help developers harden their agent configurations.

How to install skills-analyzer.socket.agency?

To install skills-analyzer.socket.agency: create the skills directory (mkdir -p .claude/skills), then run: mkdir -p .claude/skills && curl -o .claude/skills/skills-analyzer-socket-agency.md https://raw.githubusercontent.com/socket-agency/skills-analyzer.socket.agency/main/SKILL.md. Finally, /skills-analyzer-socket-agency in Claude Code.

What is skills-analyzer.socket.agency best for?

skills-analyzer.socket.agency is a skill categorized under General. It is designed for: security, api, agent. Created by socket-agency.

What can I use skills-analyzer.socket.agency for?

skills-analyzer.socket.agency is useful for: Scan a SKILL.md file for prompt injection patterns before deploying an AI agent.; Audit AGENTS.md for command execution risks that could allow unauthorized system access.; Check CLAUDE.md for obfuscated instructions that might hide malicious behavior.; Generate a SARIF report of security findings for integration into CI/CD pipelines.; Review third-party agent skill files for supply-chain risks before importing them.; Validate that agent instructions do not contain data exfiltration attempts via encoded payloads..