
Agent Skill Marketplace Supply Chain Attack: Vulnerabilities and Scanner Discrepancies
Tags: cybersecurity, GitHub, vulnerabilities, supply chain, security scanners, API credentials, marketplace risks
A study identified 121 agent skills that link out to 7 GitHub repositories which become vulnerable to hijacking if the original owner renames their account. Running 5 security scanners over 238,180 skills gave failure rates ranging from 3.79% to 41.93%, and only 0.12% of flagged skills were flagged by all five scanners. In addition, 12 live API credentials (e.g., NVIDIA, ElevenLabs) were found embedded in the skill corpus. The research highlights the risks of link-out distribution models for skill marketplaces, where a marketplace entry is only a pointer to a repository rather than a bundled, content-addressed artifact.
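The rename-hijack exposure described above can be audited from the defender's side by resolving each skill's link-out reference and checking whether it is still anchored. The following Python is an added example, not code from the study or any marketplace; the skill manifests, the `REPO_STATE` lookup table (a constructed stand-in for a hosting-provider API answer) and the `pin` field are all assumptions, and it treats a commit pin as a mitigation because a hijacked repository cannot serve the expected SHA.

```python
import re

# Constructed sample skill manifests: each "links out" to a GitHub repository
# instead of bundling its code, so the trust anchor is a mutable owner/repo name.
SKILLS = [
    {"name": "pdf-summarize", "source": "https://github.com/acme-tools/pdf-summarize"},
    {"name": "img-caption", "source": "https://github.com/old-handle/img-caption"},
    {"name": "sql-helper", "source": "https://github.com/old-handle/sql-helper",
     "pin": "4f9c2e1d8b7a6f5e4d3c2b1a0f9e8d7c6b5a4f3e"},
    {"name": "legacy-skill", "source": "https://github.com/ghost-user/legacy-skill"},
    {"name": "bundled-skill", "source": "file://./skills/bundled-skill"},
]

# Constructed stand-in for a hosting-provider lookup (a real audit queries the
# provider's API). "redirect" models an owner who renamed their account, so the
# old name is no longer held by them; "missing" models a repo that is gone.
REPO_STATE = {
    "acme-tools/pdf-summarize": "ok",
    "old-handle/img-caption": "redirect",
    "old-handle/sql-helper": "redirect",
    "ghost-user/legacy-skill": "missing",
}

_GH = re.compile(r"^https://github\.com/([\w.-]+)/([\w.-]+?)(?:\.git)?/?$")
_SHA = re.compile(r"^[0-9a-f]{40}$")

def repo_path(source):
    """Return 'owner/name' for a GitHub link-out source, else None."""
    m = _GH.match(source)
    return f"{m.group(1)}/{m.group(2)}" if m else None

def assess(skill, state):
    """Classify the hijack exposure of one skill's link-out reference."""
    path = repo_path(skill["source"])
    if path is None:
        return "n/a"  # not a GitHub link-out (e.g. bundled), nothing to resolve
    status = state.get(path, "missing")
    pinned = bool(_SHA.match(skill.get("pin", "")))
    if status == "ok":
        return "low"
    if status == "redirect" and pinned:
        # Old name is reclaimable, but a commit pin fails closed: a substituted
        # repo cannot serve the expected SHA, so installation stops.
        return "medium"
    return "high"  # reclaimable or dangling name with no content pin

def audit(skills, state=REPO_STATE):
    """Map each skill name to its risk label; 'high' entries need attention."""
    return {s["name"]: assess(s, state) for s in skills}
```

Skills rated `high` are the ones a marketplace should re-verify or delist until the reference is re-anchored, ideally by requiring a commit pin or a bundled, hash-verified artifact for every listing.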