Forensic Summary
Researchers at Hong Kong University of Science and Technology have demonstrated that static scanners used to vet malicious AI agent 'skills' — modular add-ons for agents like Claude Code and OpenAI Codex — can be systematically bypassed using a tool called SKILLCLOAK. The technique leverages either character-substitution obfuscation or self-extracting packing into scanner-ignored directories like .git/, achieving evasion rates above 90% across all eight tested scanners. The same research team also developed SKILLDETONATE, a runtime behavioral sandbox that catches most of the threats static analysis misses.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/skillcloak-bypasses-ai-agent-skill-scanners-with-90-success-rate/
Top comments (0)