13% of AI Agent Skills Are Backdoored. No Scanner Can See Them.

DEV Community·Aaron Schnieder·28 days ago
#ai #security #agents #agent #skill #trust

VentureBeat dropped a bombshell today: one command can turn any open-source repo into an AI agent backdoor, and no supply-chain scanner has a detection category for it. The tool is called CLI-Anything. It's a state-of-the-art system from the University of Hong Kong that analyzes any repo's source code and generates SKILL.md files — the same instruction-layer artifacts that AI coding agents like Claude Code, Codex, OpenClaw, and Cursor trust and execute. 30,000+ GitHub stars since March. But here's the problem: Snyk's ToxicSkills research found 76 confirmed malicious payloads across ClawHub and skills.sh. 13.4% of agent skills contain critical security issues. And no scanner can see them.…
