32% of ClawHub skills contain malicious code — 1,676 skills scanned

Mandatory Security Scanning

The Only Skill Directory
With Security First

Every SKILL.md pre-scanned for malicious code, prompt injection attacks, and security vulnerabilities before listing.

Skills Scanned: 0
K
Browse Verified Skills
0
Skills Scanned
0
Malicious Blocked
99.8%
Detection Rate
Just now
Last Scan
Prompt Injection Tested
Sandbox Verified
No Exfiltration Code

Risk Breakdown by Marketplace

Real scan data from 1,676 skills across 3 marketplaces

clawhub.ai

1,416 skills

⚠️ HIGH RISK
CRITICAL
461
HIGH
71
MEDIUM
154
LOW
730

⚡ 32.6% CRITICAL — nearly 1 in 3 skills are dangerous

skillsmp.com

160 skills

✅ CLEAN
CRITICAL
0
HIGH
0
MEDIUM
4
LOW
156

✅ 97.5% clean — well-curated marketplace

skills.lc

100 skills

✅ CLEAN
CRITICAL
0
HIGH
1
MEDIUM
5
LOW
94

✅ 94% clean — trusted open source skills

Browse Skills

Discover verified, secure SKILL.md files for your AI workflows

How We Protect You

Every skill undergoes a rigorous 3-step security analysis before being listed in our directory.

1

Upload

Developers submit their SKILL.md files through our secure portal or API.

2

Scan

Our automated systems perform static analysis, prompt injection detection, and sandbox testing.

3

Verify

Clean skills receive a security score and are listed. Suspicious files are quarantined.

Static Analysis

Deep code inspection for malicious patterns, hidden commands, and suspicious API calls.

Learn more

Prompt Injection Detection

Specialized testing for jailbreak attempts, instruction overrides, and manipulation techniques.

Learn more

Behavior Sandbox

Isolated execution environment to observe actual runtime behavior and network activity.

Learn more
Read Full Security Methodology
Live Activity Feed

Frequently Asked Questions

Everything you need to know about SkillShield

A SKILL.md file is a standardized documentation format that describes how an AI model should perform a specific task or use a particular tool. It contains instructions, examples, constraints, and safety guidelines that help AI systems understand and execute the skill correctly.

Our scanning process uses a combination of static analysis, pattern matching, and dynamic sandboxing. We check for malicious code patterns, prompt injection vulnerabilities, data exfiltration attempts, and unexpected behavior in isolated environments. Each scan generates a detailed security report.

Absolutely! Anyone can submit a SKILL.md file for review. Simply create an account, upload your skill file, and our automated systems will begin the security scan. Once verified, your skill will be listed in the directory with full attribution.

Skills that fail our security checks are not listed in the public directory. The submitter receives a detailed report explaining what issues were found. Minor issues can often be fixed and resubmitted. Skills with serious security concerns are quarantined and flagged for manual review.

Yes! Browsing and using verified skills is completely free. We also offer free submissions for open-source skills. For commercial or high-volume submissions, we offer premium plans with priority scanning and additional features.

Ready to Secure Your AI Skills?

Join thousands of developers who trust SkillShield for verified, secure SKILL.md files.

Start Browsing