Skill Security Vendor Pack
by Roy Yuen
Audit AI agent skills for security risks, packaging errors, and marketplace readiness with professional reports.
- Audit third-party skills before installing them in your environment.
- Generate professional security clearance reports for your enterprise clients.
- Validate skill metadata and structure before submitting to an AI marketplace.
Free
Included in download
- Downloadable skill package
- Works with Claude Code, OpenClaw).
- 2 permissions declared
See it in action
You say
Audit my local SEO-audit-skill folder and save the results to output.json and report.md.
Your agent does
Security Review: [PASS/WARNING]
- Risk Level: Medium
- Issues:
- Found 'subprocess.run' call in skill.py (Suspicious Pattern)
- Missing 'tags' in skill.yaml (Packaging Issue)
- JSON artifacts saved to output.json.
- Full Markdown report generated for client delivery.
Skill Security Vendor Pack
by Roy Yuen
Audit AI agent skills for security risks, packaging errors, and marketplace readiness with professional reports.
Free
Included in download
- Downloadable skill package
- Works with Claude Code, OpenClaw).
- 2 permissions declared
- Instant install
See it in action
You say
Audit my local SEO-audit-skill folder and save the results to output.json and report.md.
Your agent does
Security Review: [PASS/WARNING]
- Risk Level: Medium
- Issues:
- Found 'subprocess.run' call in skill.py (Suspicious Pattern)
- Missing 'tags' in skill.yaml (Packaging Issue)
- JSON artifacts saved to output.json.
- Full Markdown report generated for client delivery.
About This Skill
Ensure Professional Credibility for Your AI Skills
The Skill Security Vendor Pack is a specialized auditing tool designed for developers and agencies building for AI marketplaces. It automates the pre-flight inspection of skill packages, ensuring they meet the high standards required for commercial distribution and client delivery.
What it does
This skill performs a deep-dive scan of a skill folder to identify security risks, packaging defects, and marketplace-readiness gaps. It replaces manual checklists with an automated, script-based review process that generates both developer-friendly JSON data and client-ready Markdown reports.
- Permission Auditing: Scans for high-risk or over-scoped permissions that might block marketplace approval.
- Pattern Matching: Flags suspicious code patterns or shell execution risks that require manual verification.
- Packaging Validation: Checks for missing configuration files, metadata inconsistencies, and directory structure errors.
- Portable Analysis: Built with zero-dependency Python for easy inclusion in CI/CD pipelines or local development workflows.
Why use this skill?
While basic prompting might catch high-level errors, this skill follows a strict Output Contract, ensuring every report is structured for professional use. It provides evidence-backed flags rather than generic warnings, allowing you to fix issues before they become "denied" statuses on a marketplace or security concerns for a client. It effectively turns your audit process into a repeatable, professional service.
Use Cases
- Audit third-party skills before installing them in your environment.
- Generate professional security clearance reports for your enterprise clients.
- Validate skill metadata and structure before submitting to an AI marketplace.
- Integrate security linting into your skill development CI/CD pipeline.
Known Limitations
- Scans are signature-based and may miss highly obfuscated code.
- Does not perform dynamic sandbox execution or network traffic analysis.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/skill-security-vendor-pack -o /tmp/skill-security-vendor-pack.zip && unzip -o /tmp/skill-security-vendor-pack.zip -d ~/.claude/skills && rm /tmp/skill-security-vendor-pack.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Compatible with SKILL.md-compatible agents (e.g., Claude Code, OpenClaw).
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
PII & Data-Leak Scanner
Scan your schemas, seed data, config, and logs for personal data before it leaks. Detects PII-indicating column and key names (email, ssn, phone, address) across SQL, CSV, and JSON, plus PII in the data itself: email addresses, SSN-like numbers, credit-card-like numbers, phone numbers, and PII written into log files. Each finding is flagged with its location and a GDPR-style review note. Heuristic by design: it surfaces what to review, not a compliance guarantee.
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.
Multi-Agent Orchestration Master Library
Transform Claude Code into a coordinated multi-agent system. Battle-tested tmux orchestration patterns, YAML task queues, event-driven communication, and parallel worker management for 8+ agents.
Legacy Code Modernization Planner for AI Coding Agents
Creates safe modernization roadmaps for old, messy, undocumented, or fragile codebases, including risk audits, refactor phases, dependency reviews, testing plans, migration steps, and AI coding prompts.