Every agent skill runs with your permissions. We check them first.
Skills, rules, and command packs for Claude Code, Cursor, and Codex are exploding — and installing one is closer to curl | sh than to reading a README. AEGIS is the trust layer: a validated registry, not a popularity contest.
We built the scanner and pointed it at the 32 most-starred skills
touched secrets, env vars, or ran destructive / remote commands
carried critical remote-exec or data-exfiltration patterns — two with 15k+ stars
of the most-starred skills stayed top-5 once we scored for trust
A cron finds them. A gauntlet vets them. You install with confidence.
Always watching
A scheduled crawler pulls new and updated skills from across GitHub — Claude Code, Cursor, Codex — the moment they ship.
The gauntlet
Every skill is scanned for remote-exec, credential access, and destructive commands, then weighed for freshness and provenance.
Install what's safe
A single trust score and a curated shelf — so you pick by what's actually vetted, not by whatever has the most stars.
What every skill gets checked for
Stars measure attention. AEGIS measures whether a skill is safe to hand your agent’s permissions.
Remote execution
Pipe-to-shell, eval, base64-decoded payloads — anything that runs code you didn't write.
Data exfiltration
Calls that ship your files or output to an external endpoint.
Secret access
Reads of SSH keys, cloud credentials, keychains, and environment variables.
Destructive commands
Force-pushes, recursive deletes, and other irreversible operations.
Freshness
Maintained vs abandoned — last update, breakage, and archive status.
Provenance
Author reputation, fork lineage, and the signals that separate real from spoofed.
Whether you’re one dev or a whole org
Ship faster without shipping a backdoor
Browse a vetted shelf instead of gambling on stars. Know what a skill touches before it touches your machine.
Govern the skills your agents run
A trusted supply for the whole org — policy, review, and a trust floor for every skill your agents pull in.