NVIDIA SkillSpector: Should You Scan Your AI Agent Skills Before Installing Them?

If you have been using Claude Code, Codex CLI, Gemini CLI, or any agent framework that supports "skills," you have probably installed a few skills from a marketplace or a random GitHub repo without reading every line of code inside them. Most people do. The skill promises to help with PDF generation, data analysis, or some other task, you drop it into your project, and you move on.

NVIDIA's new open source tool, SkillSpector, exists because that habit is riskier than it looks. This article walks through what SkillSpector does, how to set it up, and whether it is worth adding to your workflow.

What SkillSpector actually does

SkillSpector is a security scanner purpose-built for AI agent skills rather than general source code. It runs a two-stage pipeline:

Static analysis — fast, regex and AST-based pattern matching that looks for dangerous code patterns (exec, eval, subprocess, obfuscated payloads), taint flows from sensitive sources to network or execution sinks, YARA signature matches for known malware/webshell/cryptominer patterns, and dependency checks against the OSV.dev vulnerability database.