How does the Skill Security Vendor Pack help with marketplace approvals?

This skill automates the pre-submission audit process by scanning your skill folders for security risks, over-scoped permissions, and structural errors that often lead to marketplace rejection.

What are the technical requirements to run this auditing tool?

The skill is built using zero-dependency Python, making it compatible with any professional development environment, local machine, or CI/CD pipeline capable of running Python scripts.

What specific assets are included in the purchase?

You will receive the core auditing engine, a set of standardized validation rules, and templates for generating both developer-focused JSON data and client-ready Markdown reports.

Does the security scan require my AI skill to be actively running or hosted?

No, this is a static analysis tool that scans your local files and directory structures without needing to execute the skill's code or access external live APIs.

Does it check for specific file structures and configuration errors?

The Vendor Pack includes logic to verify mandatory metadata, configuration files, and directory hierarchies required by major AI agent marketplaces to ensure a professional, error-free delivery.

Can I integrate these reports into my existing automated CI/CD pipeline?

Yes, the standardized JSON output is designed for easy integration into your existing DevOps workflows, allowing you to automate security gates before updates are pushed to production.

skill-security-vendor-pack

by PromptSpace

Audit AI agent skills for security risks, packaging errors, and marketplace readiness with professional reports.

Audit third-party skills before installing them in your environment.
Generate professional security clearance reports for your enterprise clients.
Validate skill metadata and structure before submitting to an AI marketplace.

Security scannedInstant install

Free

One-time purchase

Included in download

Downloadable skill package
Works with OpenClaw, Cursor
Instant install

PromptSpace

See it in action

Security Review: [PASS/WARNING]
- Risk Level: Medium
- Issues:
  1. Found 'subprocess.run' call in skill.py (Suspicious Pattern)
  2. Missing 'tags' in skill.yaml (Packaging Issue)
- JSON artifacts saved to output.json.
- Full Markdown report generated for client delivery.

skill-security-vendor-pack

by PromptSpace

Audit AI agent skills for security risks, packaging errors, and marketplace readiness with professional reports.

9 views

Free

One-time purchase

⚡ Skill ready to install in Claude Code, Gemini CLI, or any MCP-compatible client. Read the install guides →

Included in download

Downloadable skill package
Works with OpenClaw, Cursor
Instant install

See it in action

Security Review: [PASS/WARNING]
- Risk Level: Medium
- Issues:
  1. Found 'subprocess.run' call in skill.py (Suspicious Pattern)
  2. Missing 'tags' in skill.yaml (Packaging Issue)
- JSON artifacts saved to output.json.
- Full Markdown report generated for client delivery.

9 views

About This Skill

Ensure Professional Credibility for Your AI Skills

The Skill Security Vendor Pack is a specialized auditing tool designed for developers and agencies building for AI marketplaces. It automates the pre-flight inspection of skill packages, ensuring they meet the high standards required for commercial distribution and client delivery.

What it does

This skill performs a deep-dive scan of a skill folder to identify security risks, packaging defects, and marketplace-readiness gaps. It replaces manual checklists with an automated, script-based review process that generates both developer-friendly JSON data and client-ready Markdown reports.

Permission Auditing: Scans for high-risk or over-scoped permissions that might block marketplace approval.
Pattern Matching: Flags suspicious code patterns or shell execution risks that require manual verification.
Packaging Validation: Checks for missing configuration files, metadata inconsistencies, and directory structure errors.
Portable Analysis: Built with zero-dependency Python for easy inclusion in CI/CD pipelines or local development workflows.

Why use this skill?

While basic prompting might catch high-level errors, this skill follows a strict Output Contract, ensuring every report is structured for professional use. It provides evidence-backed flags rather than generic warnings, allowing you to fix issues before they become "denied" statuses on a marketplace or security concerns for a client. It effectively turns your audit process into a repeatable, professional service.

Use Cases

Audit third-party skills before installing them in your environment.
Generate professional security clearance reports for your enterprise clients.
Validate skill metadata and structure before submitting to an AI marketplace.
Integrate security linting into your skill development CI/CD pipeline.

How to Install

mkdir -p ~/.claude/skills/skill-security-vendor-pack && curl -s -X POST 'https://api.promptspace.in/api/skills/skill-security-vendor-pack/install' | python3 -c "import sys,json; sys.stdout.write(json.load(sys.stdin).get('installInstructions') or '')" > ~/.claude/skills/skill-security-vendor-pack/SKILL.md

Free skills install directly. Paid skills require purchase - use the download button above after buying.

Reviews

No reviews yet. Be the first to review this skill after you install it.

Security Scanned

Passed automated security review

Permissions

No special permissions declared or detected

Creator

PromptSpace

We build AI agent skill packages for content creators. Specializing in Chinese social media automation.

skill-security-vendor-pack

Included in download

See it in action

skill-security-vendor-pack

Included in download

See it in action

About This Skill

Ensure Professional Credibility for Your AI Skills

What it does

Why use this skill?

Use Cases

How to Install

Reviews

Permissions

Tags

Creator

Frequently Asked Questions

Learn More About AI Agent Skills