Trust,
but verify.
The trust certification service for AI agent skills. Scan, audit, and certify skills before they access your data.
—
Skills Scanned
15%
Found Dangerous
Free
For All Scans
The Process
Submit
Paste your SKILL.md content or provide a URL. Our scanner supports OpenClaw, Claude Code, and generic markdown formats.
Scan
Our engine runs 5 parallel analyzers: permissions, injection detection, dependency analysis, behavioral risk, and content safety.
Certify
Get a trust score (0-100), embeddable SVG badge, and detailed findings report. Listed in the public registry.
Detection Capabilities
Permission Analysis
Flags excessive or mismatched permissions for the skill's stated purpose.
Injection Detection
Catches prompt injection, instruction override, and social engineering attacks.
Dependency Scanning
Identifies suspicious URLs, IP addresses, and download-and-execute patterns.
Behavioral Risk
Detects unrestricted scope, system modification, and autonomous action risks.
Content Safety
Checks for safety boundaries, harmful content, and documentation quality.
Trust Badges
Embeddable SVG badges showing trust score. CERTIFIED, CONDITIONAL, SUSPICIOUS, or REJECTED.
> "Gen Digital found 15% of OpenClaw skills contain malicious instructions."
> Our scanner catches what they catch — and more. We use the ASST (Agent Skill Security Threats) taxonomy, our OWASP-style categorization of 10 threat categories specific to AI agent skills.
Scan Your First Skill
No account required. No payment. Paste your SKILL.md and get a trust report in seconds.
Start Scanning →