HeadlinesBriefing.com

Hacker News Unveils Open Security Database for AI Agent Skills

Hacker News

Hacker News has launched the Skills Security Index, a centralized repository analyzing security risks in modular AI agent skills. This tool helps security engineers and developers understand the potential blast radius of any skill before deployment. Each entry represents a unique skill scanned from GitHub registries, with its identity, instructions, and code examined to produce a security profile.

The index uses a standardized schema focusing on instructional risks like prompt injection vulnerabilities and excessive permissions. Risk is ranked dynamically across three dimensions: Pass (no risks), Low (minor capability risk), Medium (risky tool use), High (sensitive operations), and Critical (malicious actions). Capabilities are classified into buckets like Tools, Code Execution, and Web Access.

Findings report specific deviations from best practices, such as Credential Exposure or Broad File System Write instructions. This index provides critical visibility into the security posture of AI agents relying on modular skills.