Skanzer reads Claude Code skill files and flags data exfiltration, privilege escalation, obfuscated payloads, and behavior that doesn't match what the skill claims to do.
Start scanningOutbound fetch calls, curl to unknown hosts, environment variable reads, file writes outside the workspace. If a skill is phoning home, we find it.
sudo invocations, chmod +s, permission modifications, and bash commands that reach beyond what any skill legitimately needs.
Base64-encoded commands, reversed strings, eval chains, dropper patterns, cron persistence, and crypto miners hiding in plain sight.
A skill that says it formats code but runs rm -rf. A skill that claims to lint but opens a reverse shell. We compare stated purpose against actual instructions.
Upload
Drop a .md skill file, point at a directory, or paste a GitHub repo URL. We pull every markdown file and queue them for analysis.
Analyze
Five-phase static analysis: structure validation, line-by-line pattern matching, malware-specific detection, behavior heuristics, and a final verdict.
Report
Every scan produces a public report page with findings grouped by category, severity badges, code snippets, and confidence scores.
Badge
Embed a live SVG badge in your README. It links directly to the dated report so anyone can verify the scan themselves.