SkillGuard
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| scan_skillA | Statically scan a Claude Code skill, plugin, or MCP server (a local path or a git/GitHub URL) for malware patterns BEFORE installing it: secret/env exfiltration to suspicious hosts, install-time (pre/postinstall) hooks, obfuscated remote execution (eval(atob), base64|sh), prompt injection in tool descriptions/SKILL.md, committed binaries, and auto-approve/skip-permission configs. Static-only — it clones and reads files, never executes the target code, so scanning something malicious is safe. Returns a verdict (clean/suspicious/dangerous) with the flagged files. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/epistemedeus/skillguard'
If you have feedback or need assistance with the MCP directory API, please join our Discord server