skill-issue is a static security analyzer that scans skill directories for prompt injection, credential leaks, malicious code, and social engineering patterns. 50+ built-in rules. Single binary. Zero dependencies.
| Severity | Rule | File | Line | Message |
|---|---|---|---|---|
| ERROR | SL-INJ-001 | prompt.md | 12 | Prompt injection: "ignore previous" |
| ERROR | SL-SEC-006 | config.yml | 7 | GitHub token detected (ghp_...) |
| WARNING | SL-NET-002 | fetch.sh | 3 | Curl command with external URL |
| WARNING | SL-SOC-003 | README.md | 18 | Trust manipulation: "authorized by..." |
Comprehensive scanning across 8 categories of security threats specific to AI skill definitions.
Catches system prompt overrides, role manipulation, instruction boundary bypasses, and jailbreak attempts before they reach production.
Detects API keys, AWS credentials, private keys, bearer tokens, GitHub tokens, connection strings, and hardcoded passwords.
Finds invisible Unicode characters, base64/hex encoded payloads, HTML comment hiding, data URI embedding, and obfuscated variable names.
Flags curl, wget, fetch, XMLHttpRequest, socket connections, DNS lookups, and data exfiltration patterns that combine network calls with secrets.
Catches eval(), exec(), shell commands, subprocess calls, dynamic imports, cron jobs, and process manipulation across Python, JavaScript, and Bash.
Identifies urgency/authority language, confidentiality claims, trust manipulation, output suppression, and emotional manipulation tactics.
Download and run. No runtime, no install scripts, no dependency tree. Built in Rust for speed and portability.
Not a generic SAST tool. Rules are specifically designed for prompt injection, social engineering, and skill-specific attack vectors.
Regex-based detection runs in milliseconds. Fast enough for pre-commit hooks, CI gates, and real-time editor integration.
One command to download. One command to scan. That's it.