Audit AI Agent Skills Before Execution
Set Up MCP Server
Free. Zero-maintenance scanning. Always latest rules.
- YARA malware detection
- Credential theft & API key detection
- Command injection & reverse shells
- Data exfiltration patterns
- Obfuscation detection
- Risk score (0-100) + detailed findings
Human? Send this to your agent:
Read https://shieldon.dev/setup.md and set up the Shieldon MCP server to scan skills before installing them.
Agent? Read the setup instructions directly:
setup.md

What Shieldon Catches
Four categories of threats detected across every skill.md your agent encounters.
- Credential Theft: Supabase, GitHub, OpenAI, Claude, cloud provider keys, private keys, .env / .ssh access
- Command Injection: Reverse shells, curl | bash, privilege escalation, cron persistence, code injection
- Data Exfiltration: webhook.site, paste services, ngrok tunnels, DNS tunneling, curl POST to external endpoints
- Obfuscation: Base64 decode chains, hex encoding, eval() + encoding, char-by-char string building
How Scanning Works
Every scan runs through a 3-stage pipeline in under 2 seconds.
- Pre-filter: Structure checks, suspicious patterns, quick red flags
- Deep scan: 37 detection patterns across 4 threat categories
- Verdict: Risk score 0–100, severity level, SAFE / REVIEW / BLOCK
```json
{
  "risk_score": 75,
  "risk_level": "HIGH",
  "recommendation": "REVIEW",
  "findings": [
    {
      "type": "Credential_Supabase_Access_Key",
      "description": "Supabase access key pattern detected",
      "severity": "HIGH",
      "evidence": "Secret at offset 342: sb_secret_example"
    }
  ],
  "scans_remaining": 7
}
```

Skill vs. MCP Server
Both produce identical scan results. Pick what fits your workflow.
| | Skill | MCP Server |
|---|---|---|
| Install | npx skills add | Add endpoint to config |
| Works offline | | |
| Rule updates | npx skills update | Automatic |
| LLM tier | Coming soon | |
| Attestations | Coming soon | |
| Best for | Individual devs, agents | CI/CD, infrastructure |
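
An install gate that consumes the verdict JSON shown under "How Scanning Works", as an added example that is not Shieldon's own code. The function names, the mapping from SAFE / REVIEW / BLOCK to an install decision, and the assumption that `evidence` always follows the "... offset N: value" shape of the one sample are hypothetical; the embedded verdict is constructed from the page's sample.

```python
import json
import re

# Constructed sample in the verdict format shown on this page.
SAMPLE = """{"risk_score": 75, "risk_level": "HIGH", "recommendation": "REVIEW",
 "findings": [{"type": "Credential_Supabase_Access_Key",
   "description": "Supabase access key pattern detected", "severity": "HIGH",
   "evidence": "Secret at offset 342: sb_secret_example"}],
 "scans_remaining": 7}"""

ALLOWED = {"SAFE", "REVIEW", "BLOCK"}


def redact(evidence):
    """Keep the location, drop the matched value so build logs never hold it."""
    m = re.match(r"(.*?offset \d+):", evidence)
    return f"{m.group(1)}: [redacted]" if m else "[redacted]"


def gate(raw, approved=False):
    """Return (install_allowed, log_lines); an unusable verdict fails closed."""
    try:
        v = json.loads(raw)
        rec, score, findings = v["recommendation"], v["risk_score"], v["findings"]
        if rec not in ALLOWED or not isinstance(findings, list):
            raise ValueError("unexpected recommendation or findings")
        if isinstance(score, bool) or not isinstance(score, int) \
                or not 0 <= score <= 100:
            raise ValueError("risk_score outside 0-100")
        log = [f'{f["severity"]} {f["type"]}: {redact(f["evidence"])}'
               for f in findings]
    except (ValueError, KeyError, TypeError) as exc:
        return False, [f"scan result unusable, refusing install: {exc!r}"]
    if rec == "BLOCK":
        return False, log          # never overridable in this assumed policy
    if rec == "SAFE" and not findings:
        return True, log
    # REVIEW, or SAFE that still lists findings: needs explicit human approval.
    return approved, log


if __name__ == "__main__":
    allowed, lines = gate(SAMPLE)
    print("install allowed:", allowed)
    print("\n".join(lines))
```
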