SECURITY REVIEW PROCESS
Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better t
$ skillvault review skill-creator
→ Fetching SKILL.md from https://github.com/anthropics/skills...
→ Running Stage 1 automated scan...
✓ Stage 1 PASSED — Risk score: 10/100
✓ Stage 2 PASSED — Human review complete
✓ Stage 3 PASSED — Sandbox execution clean
✓ Skill signed and published to registry
Stage 01
Automated Scan
Checked for prompt injection, IoC matches, credential paths, shell commands, and network calls. Score: 10/100
Stage 02
Human Review
Automated review. Risk: very_low. Score: 10/100.
Stage 03
Sandbox Execution
Skill executed in isolated container. Network traffic and file access logged. Zero deviations from declared behavior.
Stage 04
Cryptographic Signing
SHA-256 hash of skill directory signed via Sigstore keyless signing. Logged in public transparency log.
Full Scan Findings