{"id":"c02260cc-7ea2-46b7-b425-d2c21c43ac55","shortId":"DTakrc","kind":"skill","title":"Snyk Agent Scan MCP and Skill Security Scanner","tagline":"Snyk Agent Scan automatically discovers and scans AI agent components including MCP servers, agent skills, and agent harnesses for security vulnerabilities like prompt injections, tool poisoning, tool shadowing, and malware payloads. It supports Claude Code, Cursor, Windsurf, Gem","description":"# Snyk Agent Scan MCP and Skill Security Scanner\n\nSnyk Agent Scan automatically discovers and scans AI agent components including MCP servers, agent skills, and agent harnesses for security vulnerabilities like prompt injections, tool poisoning, tool shadowing, and malware payloads. It supports Claude Code, Cursor, Windsurf, Gemini CLI, VS Code, and more.\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- uv run pip install -e .\n- uv run -m src.agent_scan.cli\n\nRequirements and caveats from upstream:\n- <a href=\"https://pypi.python.org/pypi/snyk-agent-scan\"><img src=\"https://img.shields.io/pypi/v/snyk-agent-scan.svg\" alt=\"snyk-agent-scan\"/></a>\n- <a href=\"https://pypi.python.org/pypi/snyk-agent-scan\"><img src=\"https://img.shields.io/pypi/l/snyk-agent-scan.svg\" alt=\"snyk-agent-scan license\"/></a>\n- <a href=\"https://pypi.python.org/pypi/snyk-agent-scan\"><img src=\"https://img.shields.io/pypi/pyversions/snyk-agent-scan.svg\" alt=\"snyk-agent-scan python version requirements\"/></a>\n\nBasic usage or getting-started notes:\n- **Use --dangerously-run-mcp-servers** only in trusted environments where you've verified all MCP server commands\n- To get started:\n- **Sign up at [Snyk](https://snyk.io)** and get an API token from [https://app.snyk.io/account](https://app.snyk.io/account) (API Token → KEY → click to show).\n\n- Source: https://github.com/snyk/agent-scan\n- Extracted from upstream docs: https://raw.githubusercontent.com/snyk/agent-scan/HEAD/README.md\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/snyk-agent-scan-mcp-skill-security-scanner/)","tags":["snyk","agent","scan","mcp","skill","security","scanner","skills","agentskillexchange","agent-skills","ai-agents","ai-tools"],"capabilities":["skill","source-agentskillexchange","skill-snyk-agent-scan-mcp-skill-security-scanner","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/snyk-agent-scan-mcp-skill-security-scanner","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,622 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:32.480Z","embedding":null,"createdAt":"2026-05-18T13:19:30.454Z","updatedAt":"2026-05-18T19:12:32.480Z","lastSeenAt":"2026-05-18T19:12:32.480Z","tsv":"'/account](https://app.snyk.io/account)':165 '/skills/snyk-agent-scan-mcp-skill-security-scanner/)':189 '/snyk/agent-scan':175 '/snyk/agent-scan/head/readme.md':182 'agent':2,10,17,22,25,48,56,63,68,71,184 'agentskillexchange.com':188 'agentskillexchange.com/skills/snyk-agent-scan-mcp-skill-security-scanner/)':187 'ai':16,62 'api':160,166 'app.snyk.io':164 'app.snyk.io/account](https://app.snyk.io/account)':163 'automat':12,58 'basic':124 'caveat':121 'claud':42,88 'cli':93 'click':169 'code':43,89,95 'command':148 'compon':18,64 'cursor':44,90 'danger':133 'dangerously-run-mcp-serv':132 'discov':13,59 'doc':179 'e':114 'environ':109,140 'exchang':186 'extract':176 'gem':46 'gemini':92 'get':128,150,158 'getting-start':127 'github.com':174 'github.com/snyk/agent-scan':173 'har':26,72 'includ':19,65 'inject':32,78 'instal':98,102,113 'key':168 'like':30,76 'm':117 'malwar':38,84 'match':107 'mcp':4,20,50,66,135,146 'note':130 'path':105 'payload':39,85 'pip':112 'poison':34,80 'prompt':31,77 'raw.githubusercontent.com':181 'raw.githubusercontent.com/snyk/agent-scan/head/readme.md':180 'requir':119 'run':111,116,134 'scan':3,11,15,49,57,61 'scanner':8,54 'secur':7,28,53,74 'server':21,67,136,147 'setup':104 'shadow':36,82 'show':171 'sign':152 'skill':6,23,52,69,185 'skill-snyk-agent-scan-mcp-skill-security-scanner' 'snyk':1,9,47,55,155 'snyk.io':156 'sourc':172,183 'source-agentskillexchange' 'src.agent_scan.cli':118 'start':129,151 'support':41,87 'token':161,167 'tool':33,35,79,81 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'trust':139 'upstream':101,123,178 'usag':125 'use':99,131 'uv':110,115 've':143 'verifi':144 'vs':94 'vulner':29,75 'windsurf':45,91","prices":[{"id":"19c26baa-1ec6-468a-99db-039e77165fbe","listingId":"c02260cc-7ea2-46b7-b425-d2c21c43ac55","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:19:30.454Z"}],"sources":[{"listingId":"c02260cc-7ea2-46b7-b425-d2c21c43ac55","source":"github","sourceId":"agentskillexchange/skills/snyk-agent-scan-mcp-skill-security-scanner","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/snyk-agent-scan-mcp-skill-security-scanner","isPrimary":false,"firstSeenAt":"2026-05-18T13:19:30.454Z","lastSeenAt":"2026-05-18T19:12:32.480Z"}],"details":{"listingId":"c02260cc-7ea2-46b7-b425-d2c21c43ac55","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"snyk-agent-scan-mcp-skill-security-scanner","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"0882381f06798880075f827c7a59ec12a633cd85","skill_md_path":"skills/snyk-agent-scan-mcp-skill-security-scanner/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/snyk-agent-scan-mcp-skill-security-scanner"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Snyk Agent Scan MCP and Skill Security Scanner","description":"Snyk Agent Scan automatically discovers and scans AI agent components including MCP servers, agent skills, and agent harnesses for security vulnerabilities like prompt injections, tool poisoning, tool shadowing, and malware payloads. It supports Claude Code, Cursor, Windsurf, Gemini CLI, VS Code, and more."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/snyk-agent-scan-mcp-skill-security-scanner"},"updatedAt":"2026-05-18T19:12:32.480Z"}}