The AI Native Dev - from Copilot today to AI Native Software Development tomorrow We Scanned 3,984 Skills — 1 in 7 Can Hack Your Machine
54 snips
Mar 17, 2026 Brian Vermeer, a security pro at Snyk focused on developer-facing tooling, explains risks hidden in agent skills. They scanned nearly 4,000 skills and found widespread critical issues. Brian breaks down prompt injection, obfuscation tricks, supply-chain and credential risks, how trusted skills can turn malicious, and how Snyk’s agent scan and registry integrations help spot problems before you install.
AI Snips
Chapters
Transcript
Episode notes
One In Eight Skills Had Critical Flaws
- 13.4% of scanned skills (534 of 3,984) contained at least one critical security issue.
- Snyk's scan of the Tessl registry surfaced this systemic risk across published skills, revealing wide exposure at scale.
Skill Files Are A Textual Attack Surface
- Skills are plain-text MD files and can carry prompt injections, obfuscation, or encoded payloads.
- Examples include Base64, foreign language text, or Unicode smuggling that hide instructions readable by LLMs but not humans.
Local Execution Gives Skills Dangerous Privileges
- Skills executing locally often run with high privileges, so a malicious skill can create and run bash scripts or download binaries with broad impact.
- That enables 'vibe coding' of exploits where prompts produce executable payloads on the user's machine.