Cisco Skill Scanner is an open-source security scanner developed by Cisco AI Defense, designed to analyze and assess the security posture of agent skills used in AI-powered systems. The tool focuses on identifying security risks within agent skill definitions — the discrete capabilities or functions that AI agents can invoke. As agentic AI systems become more prevalent, the skills they use can introduce vulnerabilities such as prompt injection, excessive permissions, or unsafe tool usage. Skill Scanner addresses this by statically analyzing skill configurations and code to surface potential security issues before deployment. Key characteristics: - Targets AI agent skill definitions for security analysis - Operates as a command-line interface (CLI) tool - Supports multiple output formats via --output-<fmt> flags - Hosted publicly on GitHub under the cisco-ai-defense organization - Open-source with an active development history (42+ commits, 10 tags) - Maintained by Cisco AI Defense team contributors The tool is intended for developers and security engineers building or auditing agentic AI systems, enabling them to integrate security checks into their development workflows. It is particularly relevant in environments where AI agents are granted tool-use or skill-execution capabilities, which can expand the attack surface if not properly vetted.