In this tutorial, we explore how NVIDIA SkillSpector helps us evaluate AI skills for security risks before they are used in real-world workflows. We build a controlled corpus containing both benign and deliberately vulnerable skills, scan them through SkillSpector’s programmatic LangGraph workflow, and organize the resulting risk scores and findings with pandas. We then visualize severity and category distributions, export results in SARIF format, extend the framework with a custom analyzer, and optionally apply LLM-based semantic analysis for deeper validation.
Installing NVIDIA SkillSpector and Building a Skill Corpus
import os
import sys
import json
