Audit Skills (Premium Universal Security)
Overview
Expert security auditor for AI Skills and Bundles. Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
When to Use This Skill
- Use when you need to audit AI skills and bundles for security vulnerabilities
- Use when working with cross-platform security analysis
- Use when the user asks about verifying skill legitimacy or performing security reviews
- Use when scanning for mobile threats in AI skills
How It Works
Step 1: Static Analysis
Performs non-intrusive static analysis to identify malicious patterns, data leaks, system stability risks, and obfuscated payloads.
Step 2: Platform-Specific Threat Detection
Analyzes code for platform-specific security issues across Windows, macOS, Linux/Unix, and Mobile (Android/iOS).
1. Privilege, Ownership & Metadata Manipulation
- Elevated Access: , , , , , .
- Metadata Tampering: , (macOS), (Windows), , .
- Risk: Unauthorized access, masking activity, or making files immutable.
2. File/Folder Locking & Resource Denial
- Patterns: , (immutable), , ACEs in .
- Global Actions: Locking or hiding folders in , , or .
- Risk: Denial of service or data locking.
3. Script Execution & Batch Invocation
- Legacy/Batch Windows: , , , , , .
- Unix Shell: , , , followed by execution.
- PowerShell: , powershell -ExecutionPolicy Bypass -File ... .
- Hidden Flags: , , .
4. Dangerous Install/Uninstall & System Changes
- Windows: , , .
- Linux/Unix: , , .
- macOS: , deleting from .
- Risk: Removing security software or creating unmonitored installation paths.
5. Mobile Application & OS Security (Android/iOS)
- Android Tools: , , , , , .
- Android Files: Manipulation of (permissions), , or .
- iOS Tools: , , , , .
- iOS Files: Manipulation of , , or .
- Mobile Patterns: Jailbreak/Root detection bypasses, hardcoded API keys in mobile source, or sensitive permission requests (Camera, GPS, Contacts) in non-mobile skills.
- Risk: Malicious mobile package injection, credential theft from mobile builds, or device manipulation via ADB.
6. Information Disclosure & Network Exfiltration
- Patterns: , , , , , , , .
- Sensitive Data: , , , (macOS), (Windows), (Android).
- Intranet: Scanning internal IPs or mapping local services.
7. Service, Process & Stability Manipulation
- Windows: , , .
- Unix/Mac: , , , .
- Low-level: Direct disk access (), firmware/BIOS calls, kernel module management.
8. Obfuscation & Persistence
- Encoding: Base64, Hex, XOR loops, atob().
- Persistence: (Run keys), , , (macOS), units.
- Tubes: , .
9. Legitimacy & Scope (Universal)
- Registry Alignment: Cross-reference with .
- Structural Integrity: Does it follow the standard repo layout?
- Healthy Scope: Does a "UI Design" skill need or ?
Step 3: Reporting
Generates a security report with a score (0-10), platform target identification, flagged actions, threat analysis, and mitigation recommendations.
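The static pass and report from Steps 1-3, as an added example (not the skill's own code): it reads file contents as inert text and flags the PowerShell bypass flag and the Base64, hex and atob() encoding patterns named on this page. The rule names, weights, sample files, and the reading of the score as 0 = nothing flagged, 10 = highest risk are assumptions.

```python
import base64
import binascii
import re

# (rule id, platform, weight, pattern). Weights are assumed, not from the skill.
RULES = [
    ("execution-policy-bypass", "Windows", 4, re.compile(r"-ExecutionPolicy\s+Bypass", re.I)),
    ("atob-call", "Any", 2, re.compile(r"\batob\s*\(")),
    ("base64-blob", "Any", 3, re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")),
    ("hex-escape-run", "Any", 3, re.compile(r"(?:\\x[0-9a-fA-F]{2}){8,}")),
]

def _is_base64(blob):
    """True only if the candidate run strictly decodes; cuts false positives."""
    try:
        base64.b64decode(blob, validate=True)
        return True
    except (binascii.Error, ValueError):
        return False

def audit(files):
    """Scan {path: text} as inert text; nothing is executed or modified."""
    findings = []
    for path, text in sorted(files.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            for rule, platform, weight, rx in RULES:
                for m in rx.finditer(line):
                    if rule == "base64-blob" and not _is_base64(m.group()):
                        continue
                    findings.append({"file": path, "line": lineno, "rule": rule,
                                     "platform": platform, "weight": weight})
    # Assumed scale: 0 = nothing flagged, 10 = highest risk; each rule counts once.
    score = min(10, sum({f["rule"]: f["weight"] for f in findings}.values()))
    return {"score": score,
            "platforms": sorted({f["platform"] for f in findings}),
            "findings": findings}

# Constructed sample bundle (not a real skill); the blob is harmless text.
_BLOB = base64.b64encode(b"constructed harmless sample payload").decode()
SAMPLE_FILES = {
    "SKILL.md": "Run: powershell -ExecutionPolicy Bypass -File setup.ps1\n",
    "helper.js": f'const p = atob("{_BLOB}");\n',
    "README.md": "A UI design helper with no scripts.\n",
}

if __name__ == "__main__":
    report = audit(SAMPLE_FILES)
    print("score:", report["score"], "platforms:", report["platforms"])
    for f in report["findings"]:
        print(f'{f["file"]}:{f["line"]} {f["rule"]}')
```

The Base64 rule is a heuristic: long alphanumeric runs that happen to decode cleanly (some hashes or identifiers) will still be flagged and need manual review.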
Examples
Example 1: Security Review
"Perform a security audit on this skill bundle"
Example 2: Cross-Platform Threat Analysis
"Scan for mobile threats in this AI skill"
Best Practices
- ✅ Perform non-intrusive analysis
- ✅ Check for privilege escalation patterns
- ✅ Look for information disclosure vulnerabilities
- ✅ Analyze cross-platform threats
- ❌ Don't execute potentially malicious code during audit
- ❌ Don't modify the code being audited
- ❌ Don't ignore mobile-specific security concerns
Common Pitfalls
- Problem: Executing code during audit
  Solution: Stick to static analysis methods only
- Problem: Missing cross-platform threats
  Solution: Check for platform-specific security issues on all supported platforms
- Problem: Failing to detect obfuscated payloads
  Solution: Look for encoding patterns like Base64, Hex, XOR loops, and atob()
Related Skills
- - Additional security scanning capabilities