SkillTotal

AI Security Scanner for the components your agents trust

Paste a repo URL or an npm:/pypi: package and get an evidence-backed verdict — malicious, high-risk, or clean — before you hand an AI component the keys to your files and shell. Free, no account, the engine is open source.

What it scans

MCP servers, agent skills and plugins, and npm or PyPI packages — anything you would wire into Claude, Cursor, or your own agent. Analysis is derived only from the component itself: its code, manifests, and instruction files.

How the verdict works

Detection is deterministic — regex and AST, never an LLM, and your code is never executed. Every confirmed finding is anchored to a file, line, and snippet. The report separates malicious indicators (deliberate deception: tool poisoning, hidden Unicode, prompt injection, decode-and-execute) from powerful capabilities (often legitimate: filesystem, network, shell). Capability is not the same as risk, so the scanner does not cry wolf.

FAQ

Is it free?
Yes. The full static report is free and needs no account. The engine is open source (Apache-2.0) and also runs locally via pipx install skilltotal.

Do you run or upload my code?
No. Detection is static (regex + AST); your code is never executed and the engine never calls an LLM. The website runs the same engine for you on the component you submit.

What can it detect?
Install-time execution, decode-and-execute droppers, credential/secret exfiltration, dangerous MCP tools and tool poisoning, prompt injection (including homoglyph/zero-width obfuscation), and sensitive-path access — each with file:line evidence.

What do I get?
A risk score out of 100, a capability breakdown, findings with evidence, and JSON/SARIF export for your own pipeline.