I Built a SKILL.md Security Scanner — Because Agent Skills Are an Untapped Attack Surface

The content introduces Vigil SKILL.md Scanner, a tool addressing an overlooked attack surface: malicious instructions in AI agent configuration files like SKILL.md. This scanner detects supply chain attacks on AI agents by using pattern matching against attack signatures, without involving LLMs.