We Scanned 3,984 Skills 1 in 7 Can Hack Your Machine

The text highlights significant security risks in AI skills, with 13.4% of analyzed AI skills containing critical vulnerabilities, such as prompt injections, obfuscated malicious code, and unauthorized system access. These risks stem from AI skills often operating with high privileges (e.g., root access) and the ease of creating skills that could be weaponized to execute malicious scripts or exfiltrate data. Attackers exploit weaknesses like prompt injection (hidden instructions in non-English text or Unicode smuggling) and unverified dependencies in open-source repositories, which can chain minor flaws into major threats. The proliferation of AI-generated code exacerbates these risks, as models are not inherently trained for security, necessitating supplementary tools to detect vulnerabilities in generated code.

Multiple security tools and practices are emphasized to mitigate these risks. Platforms like Sneak and Snyk provide agent-based scans to identify vulnerabilities in AI skills and Machine-Callable Packages (MCPs), integrating security checks into development workflows. Version control and strict governance are critical to prevent unintended changes to skills or MCPs, which could introduce hidden malicious functionality. Tools like Evo monitor runtime behavior to enforce security policies, restrict unauthorized model usage, and provide visibility into AI deployment patterns. Additionally, the TESOL registry and Snyks agent scan tool offer transparency by flagging risky skills and providing detailed vulnerability scores, enabling users to make informed decisions about deployment.

The text underscores the need for proactive security measures, including regular scanning, rigorous code review, and education on secure AI practices. As agent-based systems and MCPs grow in popularity, their integration with high-privilege environments introduces new attack surfaces, requiring developers to prioritize security from the outset. Challenges include detecting vulnerabilities in natural language prompts, addressing false positives, and balancing rapid AI adoption with thorough risk assessments. The discussion also highlights the importance of community engagement through events like AI Native DevCon to share best practices and foster collaborative efforts in securing AI ecosystems.