[GitHub Trending] NVIDIA/SkillSpector

Relevance: 8

Score Breakdown
technical depth: 8
novelty: 9
actionability: 7
community: 6
strategic: 8
personal: 10

Scored daily by a customisable AI persona to surface the most relevant engineering leadership news.

NVIDIA's security scanner for AI agent skills directly addresses a critical need in multi-agent orchestration and AI safety.

AI/ML github.com
Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks. - NVIDIA/SkillSpector
Summary

NVIDIA released SkillSpector, an open-source security scanner for AI agent skills that detects 64 vulnerability patterns across 16 categories including prompt injection, data exfiltration, and supply chain risks. It uses a two-stage analysis pipeline—fast static analysis with AST and taint tracking, plus optional LLM semantic evaluation—and supports scanning Git repos, URLs, zip files, and directories. The tool outputs reports in JSON, Markdown, and SARIF formats, integrates with OSV.dev for real-time CVE lookups, and can run via Docker without Python.

Author

NVIDIA