Thiernodcire/claude-skills-security
Working repo for analyzing the security implications of Claude skills: threat model, reviewer checklist, and annotated non-weaponized PoCs.
SUMMARY AI要約 by gpt-5-mini
A working repository for analyzing the security implications of Claude Code “skills” and similar agent-loadable instruction bundles. It’s intended for developers, security reviewers, auditors, and operators who author, install, or evaluate skills and Agent SDK/MCP server bundles. Key points: - Documents concrete risks (e.g., skill description is trusted input injected into the agent prompt; skill bodies may include executable scripts; skills can chain with other tools; third‑party installs have low review friction). - Contains a threat model (THREAT_MODEL.md), annotated proof‑of‑concept skills demonstrating risky patterns, mitigations and a review checklist, and references. - Scope covers Claude Code, Claude Desktop/claude.ai, Agent SDK, and MCP-bundled skills; PoCs use safe payloads and the repo is an early, non-production workspace. License TBD.
DETECTED 検出されたAIスタック
このRepoのdescription / GitHub topics / READMEのAI要約に出現したAI関連キーワードをカテゴリ別に表示。各バッジは該当カテゴリの詳細ランキングへリンクします。
オーナー情報
日付
| GitHub作成日 | 2026-05-12 |
| 最終Push | 2026-05-12 |
| 当サイト初検出 | 2026-05-12 |
| 最終取得 | 2026-05-12 16:13 |