Security · 2h ago
Developer builds Skillerr to verify AI skill packages against tampering
Developer csinye created Skillerr, an open-source protocol and CLI that cryptographically signs AI skill packages and detects unauthorized changes. The tool uses SHA-256 hashes and structured contracts to ensure integrity and provenance. In tests, it rejected modified or unsigned packages by default.
Meridian48 take
Skillerr addresses a real supply-chain risk as AI agents execute third-party skills, but its adoption depends on whether major platforms like Claude and Cursor integrate such verification.
Read the full reporting
I tried to trick my own AI-skill signing tool. Here's what happened. →
DEV Community
ai-securityopen-source-tools