qualixar/skillfortify
First formal security scanner for AI agent skills & plugins. Static analysis, supply chain verification, SBOM generation. 22 frameworks supported including MCP, LangChain, CrewAI.
Building AI agents often means using pre-made 'skills' or 'plugins' from various frameworks like LangChain, CrewAI, or OpenAI's SDK. This tool helps you check those skills for security vulnerabilities before you deploy them, giving you a clear report on potential risks. It takes in your AI agent skills and configurations, and outputs a security report, identifying any unsafe elements and generating a Software Bill of Materials. It's designed for anyone integrating third-party AI agent skills into their systems, such as AI solution architects, MLOps engineers, or security professionals.
Available on PyPI.
Use this if you need to ensure the AI agent skills and plugins you're using are secure and comply with your organization's security policies, especially when drawing from various sources.
Not ideal if you are only developing simple, self-contained AI agent code that does not interact with external skills or plugins.
Stars
10
Forks
—
Language
Python
License
MIT
Category
Last pushed
Mar 06, 2026
Commits (30d)
0
Dependencies
4
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/qualixar/skillfortify"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
PlamenTSV/plamen
Autonomous Web3 security audit agent for Claude Code
kahalewai/ai-scrm
AI-SCRM is a Supply Chain Security Tool that scans and builds an ABOM (AI Bill Of Materials)....
miunasu/IDA-Skill
使用skill让 AI Agent 像安全分析师一样分析恶意样本 | AI Agent skill for automated malware analysis using IDA Pro
aidongise-cell/prism-scanner
Security scanner for AI Agent skills, plugins, and MCP servers
netresearch/security-audit-skill
Agent Skill for PHP security audits - OWASP patterns, vulnerability detection | Claude Code compatible