A security scanner for Claude Code skills
The post introduces skill-firewall, an open-source CLI tool for checking SKILL.md files used with Claude Code. It says the tool looks for malicious instructions, command injection, and attempts to access credentials. It can be used as a pre-session hook before a Claude Code session starts.
Key points
- skill-firewall is described as an open-source CLI tool for scanning AI agent SKILL.md files.
- It checks for malicious instructions, command injection, and credential access attempts.
- The post says it can run as a pre-session hook for Claude Code.
- The security issue is framed as a supply-chain attack risk for AI tool workflows.
Quick term guide
- open-source
- Software whose code is shared publicly so others can inspect, use, or change it.
- command injection
- An attack that sneaks unwanted commands into something that gets run.
- credentials
- Secret keys or tokens used to access an account or service.
- credential
- Information that proves permission to use an account, card, or service.
- pre-session
- The time period right before the regular stock market opens for trading.
- Solo makers
- People who build and launch their own products or services entirely on their own.
- skill file
- A text file of instructions that an AI agent reads at the start of a session to guide how it behaves.
- Agent Skill
- A small add-on that lets an AI tool perform a specific task.