Skills
Snyk Rebrands MCP-Scan to Agent Scan v0.4.13: Scans 7+ AI Coding Agents for 15+ Risks Including Prompt Injection, Tool Poisoning, and Credential Leaks
Snyk rebranded its MCP-Scan tool to Snyk Agent Scan, expanding coverage beyond MCP servers to AI agents and agent skills. The CLI auto-discovers configurations for Claude, Cursor, Windsurf, Gemini CLI, Amp, Amazon Q, and others. It scans for 15+ risk categories including prompt injection, tool poisoning/shadowing, toxic flows, malware payloads, and hardcoded secrets. New Background Mode integrates with MDM and CrowdStrike for continuous fleet monitoring. The Skill Inspector web tool lets anyone scan agent skills for free before installing them.
Source
↳ Follow the thread