NVIDIA SkillSpector: Scan AI Agent Skills Before You Install

Ever downloaded a Claude Code skill or a Codex CLI extension without checking what it actually does? Yeah, me too. We all do. But here’s the thing: a recent study found 26.1% of agent skills contain security vulnerabilities, and 5.2% are outright malicious. I’ve seen the AI supply chain problem get real before. This is not a theoretical risk. That’s roughly one in four skills carrying a security risk. ...

June 12, 2026 · 4 min · GitHubDigger