NVIDIA releases SkillSpector: security scanner for AI agent skills
NVIDIA has published SkillSpector, an open-source Python tool for scanning AI agent skills to detect vulnerabilities, malicious patterns, and security risks. The repository is trending on GitHub with 1,920 total stars and 280 added today. The tool addresses an emerging security concern as agentic AI systems proliferate and third-party skill/tool ecosystems grow.
Related events (8)
Anthropic-Cybersecurity-Skills: 754 Structured Cybersecurity Skills for AI Agents
A GitHub repository providing 754 structured cybersecurity skills designed for AI coding agents, mapped to five major frameworks including MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, and NIST AI RMF. The skills are organized across 26 security domains and conform to the agentskills.io standard. The project claims compatibility with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI, and 20+ other platforms. It has accumulated 7,330 stars with 238 added today, indicating notable community traction.
agent-skills: Secure Validated Skill Registry for AI Coding Agents
A TypeScript-based open-source skill registry designed to extend AI coding agents including Claude Code, Cursor, GitHub Copilot, and Antigravity with validated, reusable capabilities. The project provides a structured way to add skills to multiple coding agent platforms with a focus on security and validation. It is gaining notable traction with 3,767 total stars and 225 stars added today.
K-Dense-AI/scientific-agent-skills: Ready-to-Use Agent Skills Library for Research and Engineering
A Python repository providing a collection of pre-built agent skills targeting research, science, engineering, analysis, finance, and writing tasks. The project has accumulated 24,087 stars with a notable single-day gain of 762 stars, indicating significant community traction. No detailed technical documentation is available from the snippet, but the scope suggests a modular agent tooling library.
Google releases 'skills' repository for agent integrations with Google products
Google has published an open-source Python repository called 'skills' providing agent skills for Google products and technologies, accumulating over 12,000 GitHub stars with strong daily momentum. The repository appears to be a collection of tool/skill definitions enabling AI agents to interact with Google's product ecosystem. High star count and rapid growth suggest significant community interest in agent tooling for Google services.
Anthropic Publishes 'Agent Skills' Public Repository
Anthropic has made a public GitHub repository called 'skills' available, described simply as a public repository for Agent Skills. The repository has accumulated 136,679 total stars with 514 added today, suggesting significant community interest. The project appears to be a Python-based resource related to agent capabilities, though specific technical details are sparse in the available description.
last30days-skill: AI agent skill for multi-source research synthesis
A Python-based AI agent skill on GitHub that queries Reddit, X, YouTube, Hacker News, Polymarket, and the web to research any topic, then synthesizes a grounded summary. The repository has accumulated 27,522 stars with 173 added today, indicating significant community traction. It represents a practical agent tool for multi-source information aggregation.
Deep Eye: Multi-Provider AI-Orchestrated Vulnerability Scanner
Deep Eye is an open-source Python tool that orchestrates multiple AI providers (OpenAI, Claude, Grok, Gemini, Ollama, Groq, Mistral, and others) to generate attack payloads and scan targets for 45+ vulnerability types. It produces professional security reports with compliance mapping. The project has accumulated 1,572 GitHub stars with 42 added today, indicating growing community interest in AI-augmented offensive security tooling.
SkillHarm: Lifecycle-Aware Benchmark for Skill-Based Attacks on AI Agents
SkillHarm is a new benchmark evaluating adversarial attacks on AI agent skills across their full use lifecycle, covering two attack scenarios: Fixed-Payload Poisoning (FPP) and Self-Mutating Poisoning (SMP). The benchmark includes 879 attack samples across 71 skills, organized under a 12-category risk taxonomy targeting data pipelines, system environments, and agent autonomy. Experiments show current agents remain highly vulnerable, with attack success rates up to 86.3% (FPP) and 69.3% (SMP). An automated construction pipeline called AutoSkillHarm, driven by coding agents, was used to generate the benchmark at scale.