~ / directory / cisco-skill-scanner
CS
Mixed · AI Red Teaming · reviewed 2026-04

Cisco Skill Scanner

Open-source scanner for AI agent skills and tool-use security.

Visit github.com/cisco-ai-defense/skill-scanner
01

What it does

An open-source tool from Cisco AI Defense for scanning AI agent skills and tools for security vulnerabilities. Analyses tool definitions, permission scopes, and input validation to identify risks in how agents interact with external systems.

02

Security relevance

Agent skills (tool use) are a primary attack surface — improperly configured tools can enable data exfiltration, privilege escalation, and unintended actions. This scanner checks whether skills have proper input validation, permission boundaries, and error handling before deployment.

03

When to use it

Use during development and before deployment of AI agents with tool-use capabilities. Integrates into CI/CD pipelines for continuous scanning. Lower barrier than the A2A Scanner — suitable for teams getting started with agent security testing.

04

OWASP coverage

Risks addressed — mapped to both OWASP Top 10 standards. 2 in LLM, 2 in Agentic.

LLM Top 10 · 2025 · 2/10 covered
01
02
03
04
05
06
07
08
09
10
LLM01 · Prompt Injection LLM07 · System Prompt Leakage
Agentic Top 10 · 2026 · 2/10 covered
01
02
03
04
05
06
07
08
09
10
ASI02 · Tool Misuse & Exploitation ASI04 · Agentic Supply Chain Vulnerabilities
05

The raw record

What Yuntona stores. Single source of truth — fork it on GitHub.

name: Cisco Skill Scanner
slug: cisco-skill-scanner
type: Mixed
category: AI Red Teaming
url: https://github.com/cisco-ai-defense/skill-scanner

reviewed:   2026-04
added:      2026-04
updated:    2026-04

risks:
  llm:  [LLM01, LLM07]
  asi:  [ASI02, ASI04]

complexity:    Guided Setup
pricing:       —
audience:      Red Team
lifecycle:     [develop]

tags: [Agentic, Cisco, Open Source, Scanner]