Skip to content

Scoring and Risk Scan

Connor edited this page Jul 3, 2026 · 2 revisions

Scoring and Risk Scan

The curator should make candidate quality and risk visible before installation.

Candidate Requirements

Strict candidates should satisfy:

Requirement Why It Matters
Contains SKILL.md Ensures it is actually an Agent Skill.
Clear task fit Avoids broad, noisy, or irrelevant installs.
License or reuse clarity Reduces legal and reuse ambiguity.
Reasonable maintenance Helps avoid stale workflows.
Examples or documentation Improves confidence and usability.
No high-risk scan findings Reduces prompt and supply-chain risk.

Scoring Signals

Use references/scoring.md for detailed scoring rules. Common signals include:

  • task relevance;
  • skill structure;
  • trigger description specificity;
  • stars, forks, releases, and recency;
  • documentation quality;
  • examples and tests;
  • license clarity;
  • curation provenance;
  • safety scan results.

Risk Scan Checklist

Reject or heavily warn on candidates that:

  • ask the agent to ignore system, developer, or user instructions;
  • try to exfiltrate secrets, tokens, .env, SSH keys, browser profiles, or private files;
  • run destructive shell commands without clear user intent;
  • use opaque install scripts such as curl ... | sh;
  • require broad permissions unrelated to the task;
  • hide behavior in minified, encoded, or obfuscated scripts;
  • use overbroad descriptions such as "use for all tasks" or "always run".

Wording Standard

A safety scan is heuristic. Prefer:

Looks acceptable based on scanned files.

Avoid:

This is safe.

Clone this wiki locally