Overview
Every skill and agent submission passes through a multi-layer security pipeline before listing. No manual review is required for most submissions — the pipeline runs automatically.Pipeline Stages
The pipeline runs 9 layers in sequence. Layers that don’t apply (e.g., dependency scanning on a pure-markdown skill) are skipped gracefully.1. File Type Validation
Only allowed file types pass through. Disallowed extensions (executables, compiled binaries) are rejected immediately.2. Pattern Scanning
Checks for dangerous patterns: shell commands, environment variable harvesting, obfuscation techniques, and known attack signatures.3. ClamAV Signature Scan
A local ClamAV malware signature scan catches known malware before spending external API quota. Runs in ~200ms.4. Dependency Vulnerability Scan (Snyk)
Scans dependency manifests (requirements.txt, package.json, pyproject.toml) for known CVEs using Snyk. Skipped if no manifests are present.5. Supply Chain Analysis — Python (GuardDog)
GuardDog detects Python supply chain attacks that vulnerability scanners miss: typosquatting, dependency confusion, and install-time code execution.6. Supply Chain Analysis — npm (Socket.dev)
Socket.dev analyzes npm dependencies for supply chain risks including install scripts, network access, and obfuscated code.7. VirusTotal Malware Scan
The full package is uploaded to VirusTotal for scanning by 70+ antivirus engines. Results are polled with linear backoff.8. AI Security Review
An AI-powered semantic analysis checks for:- Prompt injection — Attempts to override Claude’s instructions
- Authentication flaws — Improper credential handling
- Data exposure — Leaking user data or API keys
- Privilege escalation — Requesting unnecessary permissions
9. Agent-Specific Checks
Submissions of typeagent receive additional scrutiny:
- Tool access audit — Which tools does the agent request?
- Instruction analysis — Are instructions appropriate for the declared purpose?
- Trust level scoring — Overall risk assessment based on capabilities requested
Outcomes
| Result | Effect |
|---|---|
| Pass | Listed immediately in the marketplace |
| Warn | Listed with a warning badge visible to buyers |
| Block | Rejected — the creator receives detailed findings |
Timing
Most submissions complete the full pipeline within minutes. Complex packages or high-traffic periods may take longer.For Creators
Avoiding Rejections
- Do not include shell commands that modify system files
- Do not access environment variables beyond what your skill needs
- Do not attempt to override Claude’s safety instructions
- Keep file types to text, markdown, JSON, and standard code files
Appealing a Block
If your submission is blocked and you believe the finding is a false positive, update your package to address the findings and resubmit. Each resubmission goes through the full pipeline again.External Skills (ClawHub and More)
External skills from registries like ClawHub go through the same full security pipeline. The difference is timing:- Native skills — scanned at publish time, before they appear in the marketplace
- External skills — scanned at install time, with results cached so subsequent users get instant results
For Buyers
Reading Security Status
Every skill in the marketplace displays its security status:- Pass — No issues detected
- Warn — Minor concerns flagged; review the badge details before installing
Reporting Concerns
If you discover a security issue with an installed skill, contact support at [email protected] with the skill slug and a description of the concern.Need Help?
Email Support
Reach us at [email protected] for account issues, billing questions, or technical help.
Discord Community
Join the AgentPowers Discord to get help from the team and other creators in real time.