Skills
Snyk Agent Scan: Auto-Discovers Claude/Cursor/Gemini CLI Agents, Scans 15+ Risk Types Including Toxic Flows
Snyk's Agent Scan CLI auto-discovers agent configurations across Claude Code/Desktop, Cursor, Gemini CLI, and Windsurf, then scans for 15+ risk types: prompt injection, tool poisoning/shadowing, toxic flows, malware payloads, untrusted content, credential handling, and hardcoded secrets. The scanner combines multiple LLM-based judges with deterministic rules because agent skills are hybrid artifacts requiring both code analysis and language understanding. Two operating modes: CLI scan (comprehensive report) and Background mode (MDM/Crowdstrike integration for continuous monitoring). Skill Inspector detects malicious skills, insecure configurations, and leaked secrets before production.
Source
↳ Follow the thread