SkillScan is an open-source CLI tool for static security analysis of AI agent skill files. Below are 17 llm eval & observability apps with similar functionality to SkillScan, matched by what each product actually does — not ranked or scored. Explore each to find the closest fit for your use case.
SkillWard is a web-based dashboard that automates security analysis of skill packages through static analysis, LLM-based evaluation, and sandbox execution. It is designed for developers and security analysts to detect vulnerabilities and risks in uploaded code packages.
agent-skill-scanner is an open-source CLI tool that scans agent skill files for security vulnerabilities, including prompt injection, capability escalation, and data exfiltration. It applies 22 security rules to help AI developers and security researchers identify and mitigate risks in LLM agent skills. The tool is MIT licensed and suitable for anyone building or auditing AI agent systems.
cisco-ai-skill-scanner is an open-source CLI tool for scanning Agent Skills packages to detect prompt injection, data exfiltration, and malicious code. It is designed for AI security engineers and developers working with LLM agents and skills.
skillscan-trace is an open-source behavioral execution engine designed for MCP-based AI agent skills. It provides tools for analyzing, executing, and securing agent behaviors, supporting developers working with autonomous agent frameworks.
skill-auditor is an open-source command-line tool that scans AI Agent skills for security issues before installation. It acts as an install gate, helping developers and maintainers ensure that only safe and validated skills are added to their AI agents. Ideal for those building or managing AI agent frameworks.
Security Skill is an open-source CLI tool that integrates advanced security modules into AI coding assistants such as Cursor, Claude, and Copilot. It helps developers detect and fix vulnerabilities automatically in their codebases.
skillsafe is an open-source CLI client for managing AI coding tool skills. It allows developers to scan, save, share, install, and verify skills securely via a command-line interface. Ideal for developers seeking to manage AI skills across tools with security and transparency.
SkillShield is a web platform that analyzes AI agent skills and MCP servers for security vulnerabilities, providing a 0-100 trust score and embeddable badges. It helps developers and organizations ensure the safety of their AI integrations.
aig-skill-scan is an open-source CLI tool that leverages LLMs to perform multi-stage code audits and vulnerability reviews for agent skills. It is designed for security engineers and developers seeking automated, in-depth security analysis of AI agent codebases.
nyuwayskillscanner is an open-source CLI tool designed for enterprise security scanning of AI agent skill bundles defined in SKILL.md files. It performs static analysis to detect vulnerabilities, including prompt injection risks, helping security teams and developers maintain safe AI agent deployments.
skilltotal is an open-source CLI tool for static security analysis of AI components, focusing on prompt injection and supply chain risks. It is designed for AI developers and security engineers to ensure the safety of AI systems.
agentaudit-scanner is an open-source CLI tool that scans AI agent skills, rule files, and MCP configurations for security risks like prompt injections and hidden instructions. It is designed for AI security engineers and developers to ensure safe agent deployments.
skillaudit.sh is a web-based tool that scans LLM skill files for security vulnerabilities such as prompt injection, data exfiltration, privilege escalation, and supply chain risks. It helps AI developers and security teams ensure the safety and integrity of their AI integrations.
SkillSpec is an open-source command-line tool that verifies and executes agent skills based on SKILL.md contracts. It helps developers ensure that agent skills are reliable, follow specifications, and integrate with various agent harnesses. Ideal for AI agent developers and researchers.
Evaluate agent skills via static analysis, trigger testing, and trace analysis. Run `sklab` after installing to scan your skills.
SkillFortify — Supply chain security scanner for AI agent skills. Supports 22 frameworks.
skillstat is an open-source command-line tool for diagnosing, auditing, and optimizing the skill usage of AI agents. It provides analytics and reports to help developers understand and improve agent performance across various tools.