Mitiga Labs · Free tool

Scan an AI skill before your agent runs it

Skillgate detects, flags, and scores skills, hooks, and agent configuration files for prompt injection, hook RCE, credential exfiltration, and other attack techniques. Free to use. No account needed to browse.

Go to Skillgate See How it Works

Community Scans

2,412

+312 this week

New Findings

188

+2 this week

Contributors

2,412

+96 this week

Active Rules

75

Updated 2 days ago

Recently Investigated

Resources the community is looking into right now.

Resource

Type

Signal

Last Detected

Risk

.mcp/rogue-drop/package.json

IdanMit/skillgate_testing

MCP Pkg

Community Review

2d ago

90

.mcp/rogue-drop/package.json

IdanMit/skillgate_testing

MCP Pkg Community Review 2d ago

90

.claude/skills/supply-chain/SKILL.md

IdanMit/skillgate_testing

Skill

Prompt Injection

3d ago

86

.claude/skills/supply-chain/SKILL.md

IdanMit/skillgate_testing

Skill Prompt Injection 3d ago

86

.claude/settings.json

IdanMit/skillgate_testing

Config

Unsafe Permissions

10d ago

72

.claude/settings.json

IdanMit/skillgate_testing

Config Unsafe Permissions 10d ago

72

docs/poisoned-memory.md

IdanMit/skillgate_testing

Doc

Community Review

12d ago

54

docs/poisoned-memory.md

IdanMit/skillgate_testing

Doc Community Review 12d ago

54

.claude/settings.json

tvna/claude-md

Config

Unsafe Permissions

15h ago

20

.claude/settings.json

tvna/claude-md

Config Unsafe Permissions 15h ago

20

Open Research View

What is Skillgate?

Skillgate is a free, community-powered scanner from Mitiga Labs for third-party AI skills, prompts, configs, and repositories. Give it a public repo or file URL and it checks the file for known attack techniques, flags what it finds, and scores how dangerous the file is to load before your agent ever runs it. Browsing public scans is anonymous; submitting your own takes a free account.

“AI agents and skills are now wired into cloud, SaaS, and developer pipelines, yet they incorporate third-party instructions most teams never review. Skillgate gives the community a practical safety net so they can use the wealth of publicly available skills they find with increased confidence. It’s exactly the kind of research-driven tool Mitiga Labs was created to build.”

— Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga

HOW IT WORKS

Three steps,
nothing executed

01

Submit a URL

Paste a public GitHub link. Skillgate pins the scan to a specific commit, so you know exactly what was checked.

02

Detect & Flag

Skillgate reads the file with signature and AST analysis, plus an LLM-as-judge step forskills, and maps each finding to a known technique. Nothing is executed.

03

Score & Read

You get a risk score out of 100 and a verdict (Clean, Risky, Suspicious, orDangerous), an explanation of the score, findings grouped by severity, and eachdetectcion with how to fix it. A single file scans in seconds; a full repo takesa minute or two.

What it catches

More than 80 detection rules across 6 technique families

Mapped to the OWASP Agentic AI Top 10 and MITRE ATT&CK and ATLAS.

Prompt Injection

Hook RCE

Credit Exfiltration

Tool & Skill Poisoning

MCP Poisoning

Memory Poisoning

Command Injection

Persistance

Privilege Escalation

Lateral Movement

Supply Chain

Env-var Hijack

Anti-scanner Directives

Skill-structure Abuse

why trust skillgate

Research-built, framework-mapped, honest about limits

Built by Mitiga Labs

From the Breaking Skills research series on AI agent supply-chain attacks — the team that showed a single skill quietly pushing a whole codebase to an attacker's repo.

Mapped to frameworks you know

Every detection ties to the OWASP Agentic AI Top 10 and MITRE ATT&CK and ATLAS, so you see why a file was flagged, not just that it was.

Defend from AI

Skillgate is static analysis. It shows what it catches and names what it doesn't, and it never executes the file it scans.

Who its for

If you install skills, it's for you

Developers

Check a skill, hook, or MCP server from a marketplace before you install it.

Security teams

See what's inside the skills, hooks, and agent rules spreading across your org, and which ones score Dangerous.

Anyone who uses AI agents

You don't need a security background. Found a third-party skill and you're about to put it to use? Paste the link and see what's inside first.

Community scans

ⓘ

2,412

+312 this week

New findings

ⓘ

188

+2 this week

Contributors

ⓘ

2,412

+96 this week

Active rules

ⓘ

75

Updated 2 days ago

FAQ

Frequently asked questions

What is Skillgate?

A free, hosted scanner from Mitiga Labs that checks AI agent configuration files — skills, hooks, agent rules, MCP configs, and instruction files — for known attack techniques, then flags and scores them.

What files does Skillgate scan?

SKILL.md, hooks, CLAUDE.md, AGENTS.md, .cursorrules, .windsurfrules, MCP server configs, and install-time package metadata, pulled from public GitHub, GitLab, or Bitbucket URLs.

What does Skillgate detect?

Prompt injection, hook RCE, credential exfiltration, tool and skill poisoning, MCP and memory poisoning, command injection, persistence, privilege escalation, lateral movement, and more — 79 rules across 15 techniques.

Does Skillgate run or execute the skill?

No. It analyzes the file statically and with an LLM-as-judge step for skills. Nothing is executed.

How does Skillgate score a file?

Each finding carries a severity, and Skillgate returns a risk score out of 100 that reflects the most critical detections, plus a verdict of Clean, Risky, Suspicious, or Dangerous.

Is Skillgate free?

Yes. Browsing public scans is anonymous. Submitting a skill or repo to scan takes a free account.

Is Skillgate open source?

No. At launch it's a hosted tool. An API is planned for a future version.

What is an AI skill?

A reusable instruction bundle that tells an AI agent how to handle a task. Agents also load hooks, rules, and MCP server configs — the same files Skillgate scans.

where does skillgate fit?

Before execution—alongside the Mitiga Platform

Skillgate scans AI agent configuration files before execution. Separately, Mitiga's platform delivers Agentic Runtime Security: it detects malicious activity from anomalies and threat intelligence across cloud, SaaS, and AI, and anticipates, disrupts, and blocks active attacks before impact, powered by Helios AIDR. Skillgate is the check before an agent loads a file; the platform is how Mitiga defends what's already running.

Let them come.

No one can prevent attacks—but we can prevent their impact.

Get a demo

Scan an AI skill before your agent runs it

What is Skillgate?

Three steps,nothing executed

More than 80 detection rules across 6 technique families

Research-built, framework-mapped, honest about limits

Built by Mitiga Labs

Mapped to frameworks you know

Defend from AI

If you install skills, it's for you

Developers

Security teams

Anyone who uses AI agents

Frequently asked questions

What is Skillgate?

What files does Skillgate scan?

What does Skillgate detect?

Does Skillgate run or execute the skill?

How does Skillgate score a file?

Is Skillgate free?

Is Skillgate open source?

What is an AI skill?

Before execution—alongside the Mitiga Platform

Let them come.

Three steps,
nothing executed