isnad-scan — Security Scanner for AI Agent Skills

Scan any skill, package, or directory for security threats before installing or running it.

Quick Scan

CODEBLOCK0

Scans a directory and reports findings by severity (CRITICAL, HIGH, MEDIUM, LOW).

Options

CODEBLOCK1

What It Detects (69+ patterns)

Code Injection — shell execution, eval, exec, subprocess, os.system, dynamic imports
Prompt Injection — role override attempts, instruction hijacking, jailbreak patterns
Credential Exfiltration — env var harvesting, keychain access, token theft, file reads of sensitive paths
Network Threats — reverse shells, DNS exfiltration, unauthorized outbound connections, webhook data leaks
Filesystem Attacks — path traversal, symlink attacks, /etc/passwd reads, SSH key access
Supply Chain — typosquatting detection, minified JS analysis, binary file scanning, hidden files
Crypto Risks — weak algorithms, hardcoded keys, wallet seed extraction

When to Use

1. 1. Before installing a new skill — scan the skill directory first
2. Auditing existing skills — periodic security review
3. Reviewing PRs/contributions — catch malicious code in submissions
4. Pre-publish validation — ensure your own skills are clean before sharing
5. CI/CD integration — isnad-scan . --json for automated checks

Interpreting Results

CODEBLOCK2

Examples

Scan a ClawHub skill before installing:
CODEBLOCK3

Full audit with CVE checking:
CODEBLOCK4

JSON output for automation:
CODEBLOCK5

Python API

CODEBLOCK6

About ISNAD

ISNAD (إسناد) means "chain of transmission" — a method for verifying the authenticity of transmitted knowledge. isnad-scan is the security layer of the ISNAD Protocol, bringing trust verification to the AI agent skill ecosystem.

PyPI: pip install isnad-scan
GitHub: counterspec/isnad
Protocol: isnad.md