Skill Lab — the evaluation layer for agent skills

sklab scan#

Security-focused scan with BLOCK / SUS / ALLOW status per skill.

Usage#

bash

sklab scan [SKILL_PATH] [OPTIONS]

Runs the 5 security checks — prompt injection, evaluator manipulation, unicode obfuscation, YAML anomalies, and suspicious size/structure — and classifies each skill as BLOCK, SUS, or ALLOW. BLOCK triggers a non-zero exit so you can wire it into pre-merge checks.

Arguments#

Argument	Required	Description
`SKILL_PATH`	no	Path to the skill directory. Defaults to the current directory.

Options#

Flag	Value	Description
`--all`, `-a`	flag	Scan every skill under the current directory.
`--verbose`, `-v`	flag	Show findings for SUS skills in addition to BLOCK (bulk mode only).

Examples#

Scan one skill

bash

$ sklab scan ./my-skill

Audit every skill

bash

$ sklab scan --all

Output#

Per-skill status: BLOCK on injection / jailbreak / unicode / YAML / evaluator findings; SUS on size or structure anomalies only; ALLOW if no findings.

Exit Codes#

Code	Meaning
`0`	ALLOW or SUS only.
`1`	One or more skills classified BLOCK.

sklab checkQuick pass/fail check — exits 0 or 1, designed for CI pipelines.sklab list-checksBrowse all 37 checks across 5 dimensions.

Previoussklab check Nextsklab info