loading
loading
Threat-review an agent system for prompt injection, secret exposure, over-broad tools, and ungated actions.
Reviews the tool permissions, not just the prompt — where most agent security actually fails. Pairs with prompt-injection-shield for the fixes.
Listed for review
No verified public repo for this skill yet, so this page does not give you an install command. Skills with a verified source install in one command — or fully manual: copy the skill folder into .claude/skills/ and your agent picks it up.
Boostor Quality Score
84/100 · B
Agent Security Reviewer reads your agent architecture, tool list, data sources, and intended actions, then produces a threat review ordered by remediation priority. It looks past the prompt text at the actual tool permissions: it flags prompt-injection exposure, secrets reachable from model context, tools scoped wider than the task needs, irreversible or outbound actions with no human gate, and the lethal-trifecta combinations that turn one poisoned input into data loss. Output is concrete controls, not vague safety copy.
Cut an agent's tool scopes to least privilege — required actions in, write and delete gated.
Does the tedious least-privilege pass teams skip — strips scopes a task doesn't need without breaking reads, and gates write and delete.
Transparent + deterministic: every point above is computed from this skill's real fields plus a prompt-injection safety scan. No black box, no pay-to-rank.
Harden your agent against prompt injection — treat web, file, and MCP output as untrusted and gate risky actions.
The honest take on prompt injection: don't try to detect it, defuse it. It enforces the lethal-trifecta budget and gates risky actions — defense that actually holds.