qualixar/skillfortify
First formal security scanner for AI agent skills & plugins. Static analysis, supply chain verification, SBOM generation. 22 frameworks supported including MCP, LangChain, CrewAI.
Performs formal capability verification using sound static analysis—if no violations are reported, security bounds are mathematically assured rather than heuristic-based. Parses all 22 frameworks into a unified intermediate representation, enabling consistent trust scoring, dependency graph analysis, and CycloneDX ASBOM generation across heterogeneous agent ecosystems. Auto-discovers skills system-wide across Claude Code, MCP servers, Cursor, VS Code, and other AI tools, then generates deterministic lockfiles and interactive HTML dashboards for supply chain compliance.
Available on PyPI.
Stars
10
Forks
—
Language
Python
License
MIT
Category
Last pushed
Mar 06, 2026
Commits (30d)
0
Dependencies
4
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/agents/qualixar/skillfortify"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Higher-rated alternatives
PlamenTSV/plamen
Autonomous Web3 security audit agent for Claude Code
miunasu/IDA-Skill
使用skill让 AI Agent 像安全分析师一样分析恶意样本 | AI Agent skill for automated malware analysis using IDA Pro
koatora20/guard-scanner
🛡️ Agent Security Scanner — 364 patterns, 35 threat categories, 27 runtime checks. Zero-Trust...
aidongise-cell/prism-scanner
Security scanner for AI Agent skills, plugins, and MCP servers
Zandereins/schliff
Deterministic quality scorer for AI agent instruction files — 8-dimension scoring with security,...