| File | Last commit | Last updated |
|---|---|---|
| | Initial commit | 2 months ago |
| | Initial commit | 2 months ago |
| | tools: add skill security scanner with LLM intent review Static analysis + LLM-assisted security scanner for agent_skills. Detects dangerous tool usage, prompt injection, credential extraction, data exfiltration, and stealth instructions in skill markdown files. Features: - Tool risk scoring tailored to embedded device capabilities - Regex hard gates (critical findings cannot be overridden by LLM) - LLM intent review (--llm-review) to reduce false positives - Baseline diff mode (--baseline) for CI incremental scanning - 3-level disposition: pass / review / block Usage: python3 scripts/skill_security_scan.py [--llm-review] [--ci] Signed-off-by: zhouwenjie1 <zhouwenjie1@xiaomi.com> | 1 month ago |