Mondoo

Know what your AI agents are running

AI agent skills can read your files, steal credentials, and exfiltrate data. skillcheck scans your machine in seconds and tells you what's safe.

Claude Code
Cursor
OpenAI Codex
Gemini CLI
GitHub Copilot
Windsurf
Goose
Cline
Kiro
Roo
Trae
OpenCode
Kilo Code

Why scan your skills?

Skills have full access
A single malicious skill can read ~/.ssh, ~/.aws, and browser cookies — then exfiltrate them through an LLM call.
No review process
Unlike app stores, most skill registries have no security review. Anyone can publish, and agents auto-install from config.
Silent & persistent
Compromised skills run every time you use your agent. There are no permission prompts, no sandboxes, no audit logs.

What it detects

Prompt injection: Hidden instructions that hijack agent behavior
Credential theft: Reading SSH keys, API tokens, cloud credentials
Data exfiltration: Sending private files or code to external servers
Command execution: Running shell commands, downloading payloads
Obfuscation: Base64, Unicode tricks, hidden text in instructions
28 threat categories: MITRE ATLAS and OWASP LLM Top 10 mapped

Use cases

Before installing a skill
Check any skill against the Mondoo threat database before adding it to your agent config.
npx @mondoohq/skillcheck
Audit your dev machine
Discover every skill installed across all your AI agents and flag known threats.
npx @mondoohq/skillcheck --verbose
Gate CI/CD pipelines
Block deployments when critical or high-risk skills are found on build agents.
npx @mondoohq/skillcheck --json
Secure your team
Run skillcheck across developer machines to ensure no one has compromised skills installed.
npx @mondoohq/skillcheck --no-color

How it works

1. Discover: Finds installed skills, plugins, MCP servers, and rules across all agents
2. Hash: Computes SHA-256 content hash for each skill file
3. Lookup: Queries Mondoo AI agent skill threat intelligence for known threats
4. Report: Shows findings with severity, summary, and full report links

Unknown skills show as clean — skillcheck fails open and never blocks your workflow.
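
The hash, lookup and report steps above, together with the fail-open rule, as an added example (not skillcheck's own code). The in-memory THREAT_DB, the sample skill paths and the sample contents are constructed stand-ins; the interface of the real threat intelligence lookup is not described on this page.

```javascript
// Added illustration of hash, lookup and report; not skillcheck's source code.
const crypto = require("node:crypto");

// Step 2 (Hash): SHA-256 over the exact bytes of a skill file.
function contentHash(content) {
  return crypto.createHash("sha256").update(content).digest("hex");
}

// Constructed sample skills standing in for files found in step 1 (Discover).
const FLAGGED = "constructed sample: skill text a threat database has flagged\n";
const SKILLS = [
  { path: "skills/format-code/SKILL.md", content: "constructed sample: benign skill text\n" },
  { path: "skills/deploy-helper/SKILL.md", content: FLAGGED },
  // Same text plus one trailing space: different bytes, so a different hash.
  { path: "skills/deploy-helper-copy/SKILL.md", content: FLAGGED + " " },
];

// Hypothetical local stand-in for the threat intelligence lookup (step 3).
const THREAT_DB = new Map([
  [contentHash(FLAGGED), { severity: "critical", summary: "Credential theft" }],
]);

// Steps 3 and 4: look up each hash; a hash with no record is reported as
// clean (fail open), and `known` records whether a database entry existed.
function scan(skills, threatDb) {
  return skills.map(({ path, content }) => {
    const sha256 = contentHash(content);
    const hit = threatDb.get(sha256);
    return { path, sha256, known: hit !== undefined,
             severity: hit ? hit.severity : "clean", summary: hit ? hit.summary : "" };
  });
}

// CI gate: fail the job on critical or high findings, and count the skills
// that were clean only because the database had no record of them.
function gate(findings) {
  const blocking = findings.filter((f) => f.severity === "critical" || f.severity === "high");
  return { exitCode: blocking.length > 0 ? 1 : 0,
           blocking: blocking.map((f) => f.path),
           unknown: findings.filter((f) => !f.known).length };
}

const findings = scan(SKILLS, THREAT_DB);
console.log(gate(findings));
```

Two of the three sample skills come back clean only because the database has no record of their hash, so a clean result here means "no known threat matched", not "reviewed".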

Works with 19+ agents

Claude Code, Cursor, OpenAI Codex, Gemini CLI, GitHub Copilot, Windsurf, Goose, Continue, Cline, Kiro, Roo, Trae, Augment, OpenHands, OpenCode, Kilo Code, Mistral Vibe, Qwen Code, Warp
Agent: Detects
Claude Code: skills, plugins, MCP servers
Cursor: skills, MCP servers, rules
OpenAI Codex: skills, plugins, MCP servers
Gemini CLI: skills, MCP servers
GitHub Copilot: skills, MCP servers
Windsurf: skills, MCP servers, rules
Goose: skills, extensions
Continue: skills
Cline: skills
Kiro: skills
Roo: skills
Trae: skills
Augment: skills
OpenHands: skills
OpenCode: skills
Kilo Code: skills
Mistral Vibe: skills
Qwen Code: skills
Warp: skills

Installation

Run without installing:

npx @mondoohq/skillcheck

Install globally:

npm i -g @mondoohq/skillcheck

Precompiled binaries for macOS, Linux, and Windows are available on GitHub Releases.
