JSPM

skscan

0.1.1
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 8
  • Score
    100M100P100Q32756F
  • License MIT

Security scanner for AI agent skills — detect secrets, prompt injections, and dangerous code

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (skscan) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    skscan

    Security scanner for AI agent skills — detect secrets, prompt injections, dangerous code, data exfiltration, and hidden instructions in SKILL.md files.

    Install

    npx skscan .          # run without installing
npm install -g skscan # or install globally

    Scan

    skscan .              # scan current directory
skscan ./my-skill/    # scan a directory
skscan ./SKILL.md     # scan a single file

    Options

    -f, --format <fmt>   pretty | json | sarif (default: pretty)
-s, --strict         exit 1 on any finding
--ignore <rules>     comma-separated rule IDs to skip
-c, --config <path>  path to config file
--badge              output SVG badge to stdout

    Config

    Create .skscanrc.json:

    {
  "rules": {
    "secrets/high-entropy": "off"
  },
  "ignore": ["node_modules/**", "dist/**"]
}

    Or run skscan init to generate one.

    CI

    # .github/workflows/scan.yml
name: Security Scan
on: [push, pull_request]
jobs:
  skscan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npx skscan ci .

    The ci command outputs JSON, emits GitHub annotations, and exits 1 on any finding.

    Exit Codes

    Code Meaning
    0 Pass
    1 Fail (findings detected)
    2 Error

    29 Rules, 5 Categories

    • Secrets (7) — AWS keys, GitHub tokens, private keys, passwords, high-entropy strings
    • Dangerous Code (8) — Remote code execution, destructive commands, dynamic execution
    • Prompt Override (6) — Instruction hijacking, role reassignment, restriction removal
    • Exfiltration (4) — Environment variable extraction, sensitive path access
    • Hidden Instructions (4) — Zero-width chars, invisible unicode, HTML comment injection

    Full rules reference and API docs at github.com/Khaledgarbaya/skillvault.

    License

    MIT