-
Notifications
You must be signed in to change notification settings - Fork 0
Scoring and Risk Scan
Connor edited this page Jul 3, 2026
·
2 revisions
The curator should make candidate quality and risk visible before installation.
Strict candidates should satisfy:
| Requirement | Why It Matters |
|---|---|
Contains SKILL.md
|
Ensures it is actually an Agent Skill. |
| Clear task fit | Avoids broad, noisy, or irrelevant installs. |
| License or reuse clarity | Reduces legal and reuse ambiguity. |
| Reasonable maintenance | Helps avoid stale workflows. |
| Examples or documentation | Improves confidence and usability. |
| No high-risk scan findings | Reduces prompt and supply-chain risk. |
Use references/scoring.md for detailed scoring rules. Common signals include:
- task relevance;
- skill structure;
- trigger description specificity;
- stars, forks, releases, and recency;
- documentation quality;
- examples and tests;
- license clarity;
- curation provenance;
- safety scan results.
Reject or heavily warn on candidates that:
- ask the agent to ignore system, developer, or user instructions;
- try to exfiltrate secrets, tokens,
.env, SSH keys, browser profiles, or private files; - run destructive shell commands without clear user intent;
- use opaque install scripts such as
curl ... | sh; - require broad permissions unrelated to the task;
- hide behavior in minified, encoded, or obfuscated scripts;
- use overbroad descriptions such as "use for all tasks" or "always run".
A safety scan is heuristic. Prefer:
Looks acceptable based on scanned files.
Avoid:
This is safe.
- Home / 首页
- Installation / 安装
- Platform Install Paths / 安装路径区别
- Cross Platform Usage / 跨平台使用
- Discovery and Routing / 发现与路由
- Scoring and Risk Scan / 评分与风险扫描
- Skill Scoring Rubric / Skill 评分标准
- Prompt Injection Risk Examples / 风险例子
- Install Governance / 安装治理
- Safe Installation Workflow / 安全安装流程
- Skill Lifecycle / 生命周期管理
- Why Not Auto Install High Star Skills / 为什么不自动安装高 star skill
- FAQ / 常见问题