Skill by aliksir · 3 stars
Security audit plugin that scans Claude Code skills, hooks, and MCP configurations for threats. Detects 37 attack patterns including prompt injection, data exfiltration, supply chain attacks (ToxicSkills/ClawHavoc), credential theft, reverse shells, backdoor persistence, API endpoint hijacking, Unicode homoglyph attacks, and context window poisoning. Includes runtime hooks for Bash command validation and MCP response inspection.
/plugin install skill-security-check@claude-community