Skills
Snyk Agent Scan: AI Agent Supply Chain Security Scanner — Auto-Discovers Configs, 15+ Risk Checks, Open Preview at RSA 2026
Snyk launched Agent Scan at RSA Conference 2026, an open-source security scanner that auto-discovers agent configurations across Claude Code/Desktop, Cursor, Gemini CLI, and Windsurf, then scans for 15+ risks including prompt injection, tool poisoning/shadowing, toxic flows, malware payloads, and hardcoded secrets. It treats MCP servers and agent skills as a supply chain problem — the same threat model Snyk applies to npm packages. For builders: run snyk-agent-scan alongside Golf Scanner for defense-in-depth on your local agent setup.
Source
↳ Follow the thread