← Back to plugins

skill-security-check

Skill by aliksir · 3 stars

Security audit plugin that scans Claude Code skills, hooks, and MCP configurations for threats. Detects 37 attack patterns including prompt injection, data exfiltration, supply chain attacks (ToxicSkills/ClawHavoc), credential theft, reverse shells, backdoor persistence, API endpoint hijacking, Unicode homoglyph attacks, and context window poisoning. Includes runtime hooks for Bash command validation and MCP response inspection.

/plugin install skill-security-check@claude-community