Why is decompiling necessary for skill security?

Freeform Markdown is difficult for machines to audit reliably; decompiling into a normalized structure allows for deterministic, repeatable security checks.

How does the risk scoring system work?

It evaluates skills on a scale of 0-100 based on requested tool permissions, shell command complexity, and the presence of suspicious patterns like obfuscation or data exfiltration.

Does it modify my original SKILL.md files?

No, the tool is a read-only analyzer that generates external reports and does not alter the source Markdown definitions.

Can I use this in my deployment pipeline?

Yes, the tool supports directory-wide scanning and machine-readable JSON/YAML output, making it ideal for integration into CI/CD security gates.

What file types does this tool analyze?

It specifically analyzes SKILL.md files used to define capabilities and behaviors for Claude Code and other compatible AI agent frameworks.

Skill Security Analyzer

Name: Skill Security Analyzer
Author: lev-os

bylev-os

•

Security & Testing

Decompiles freeform SKILL.md files into machine-auditable structures to perform automated security audits and risk scoring.

Skill Security Analyzer bridges the gap between human-authored Claude Code skill definitions and deterministic security scanning by converting SKILL.md files into structured YAML or JSON. It automatically identifies potential risks—such as unauthorized tool permissions, suspicious shell commands, or exfiltration patterns—and provides a quantitative risk score from 0 to 100. This tool is essential for developers and security teams needing to vet third-party skills, maintain compliance through CI/CD gates, or perform periodic audits of their agent capabilities to prevent prompt injection and unauthorized data access.

Key Features

01Automated extraction of permissions, surfaces, and risk signals

022 GitHub stars

03Detection of obfuscation, exfiltration patterns, and potential prompt injection

04Quantitative risk scoring with categorized safety levels from safe to critical

05Directory-wide scanning capabilities with detailed summary reports

06Normalized conversion of Markdown skills to deterministic YAML or JSON

Use Cases

01Implementing security gates in CI/CD pipelines for repository contributions

02Auditing third-party Claude Code skills before local installation

03Identifying permission drift and over-privileged agents in a skill library

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lev-os/agents skill-decompile

For use in Claude.ai and ChatGPT