What is SkillFortify and how is it different from other security scanners?

SkillFortify is the first formal verification scanner for AI agent skills. Unlike heuristic scanners that only detect known patterns, SkillFortify uses abstract interpretation with 5 mathematical soundness theorems to provably verify that skills cannot exceed their declared capabilities.

What frameworks does SkillFortify support?

SkillFortify supports 22 frameworks including Claude Code, Cursor, VS Code, Windsurf, Gemini, OpenCode, Cline, Continue, Copilot, n8n, and more. It can scan your entire system with zero configuration.

How accurate is SkillFortify at detecting malicious skills?

SkillFortify achieves 96.95% F1 score with 100% precision and 0% false positive rate on benign skills, tested on SkillFortifyBench (540 skills). It analyzes skills at ~2.5ms each, fast enough for CI gates.

Why was SkillFortify created?

It was created in response to the ClawHavoc campaign where 1,200+ malicious skills infiltrated the OpenClaw marketplace, and researchers catalogued 6,487 malicious agent tools that VirusTotal cannot detect.

Is SkillFortify free to use?

Yes. SkillFortify is completely free and open source under MIT license. Install with pip install skillfortify. No cloud dependencies, no API keys, no subscription required.

← Back to dashboard

clawsmith.com/signal/skillfortify-formal-verification-agent-skills

📈 TrendsWide OpenLive

SkillFortify: First Formal Verification Scanner for AI Agent Skills — 96.95% F1, Zero False Positives

First formal analysis framework for agent skill supply chains. Uses abstract interpretation with 5 mathematical soundness theorems instead of heuristic scanning. Supports 22 frameworks. Created in response to ClawHavoc campaign and 6,487 malicious tools evading VirusTotal.

Product Idea from this Signal

A security layer that vets ClawHub skills for malware and prompt injection before your agent installs them

79.8k ▲

ClawHub grew 380% to 13,729 skills in Q1 2026. Snyk found 36% contain prompt injection and 1,467 carry malicious payloads. The ClawHavoc campaign planted 1,184 weaponized skills in the marketplace. VirusTotal integration catches known malware but misses novel prompt injection, data exfiltration via tool outputs, and social engineering patterns unique to AI agent skills. This tool performs deep behavioral analysis of every skill before installation, catching threats that signature-based scanners miss.

SECURITYCLIDEVTOOLOPEN-SOURCE

CompetitiveView Opportunity →