Is that AI skill safe to install?
Scan any MCP skill or agent tool for security threats in 5 seconds. Free. No signup.
We'll scan for credential theft, data exfiltration, prompt injection & more
Any SKILL.md, MCP tool config, or agent definition
Pattern matching, intent detection, capability fingerprinting
Risk score, findings, shareable link — in seconds
Free basic scans. Pay per premium scan with USDC via x402 — no account needed.
Pattern matching, URL reputation, intent analysis, shareable report
+ Capability fingerprinting, threat chains, permission manifest
Scan your whole skill library at once. Risk breakdown included.
# Free scan by URL curl -X POST https://skillaudit.vercel.app/scan/url \ -H "Content-Type: application/json" \ -d '{"url": "https://example.com/SKILL.md"}' # Free scan by content curl -X POST https://skillaudit.vercel.app/scan/content \ -H "Content-Type: application/json" \ -d '{"content": "... skill text ..."}'
| Endpoint | Cost | Description |
|---|---|---|
POST /scan/url | Free | Scan a skill by URL |
POST /scan/content | Free | Scan raw skill content |
POST /scan/deep | $0.05 | Full capability analysis + threat chains |
POST /scan/batch | $0.10 | Batch scan up to 20 URLs |
POST /scan/compare | $0.05 | Compare two skill versions |
GET /scan/:id | Free | Get scan result (JSON) |
GET /report/:id | Free | View scan report (HTML) |
GET /stats | Free | Ecosystem scan statistics |
GET /openapi.json | Free | OpenAPI 3.0 spec |