SkillRisk
Security scanner for Claude Code & MCP skills.
SkillRisk – Static security scanner for Claude Code and MCP AI skills
Summary: SkillRisk is a local-first static analyzer that scans AI Agent Skills defined in JSON or YAML to detect privilege escalation, injection vulnerabilities, and malicious hooks. It audits skill code without execution, helping secure AI workflows by identifying hidden risks before deployment.
What it does
SkillRisk parses skill definitions for Claude Code and MCP to identify unchecked sudo/root access, command injection points, and hidden execution scripts such as PreToolUse hijacking. It performs the static analysis entirely in memory, without running the code.
Who it's for
It is designed for developers and users of AI agents who integrate Claude Code or MCP skills and need to audit these executable plugins for security risks.
Why it matters
Malicious or vulnerable AI skills can execute harmful commands or incur unexpected costs. SkillRisk addresses that risk by detecting security issues before the skills are used.