Better skills. Proven safe.
Grade any SKILL.md, then rewrite it better — grounded in 4,000+ exemplars. Free scan, no signup.
Scan any skill
Paste a SKILL.md or a GitHub URL. You'll get a security grade, a quality grade, and a verdict, instantly, in your browser.
Two grades. One report.
Every other tool checks one or the other. Skillproof is the independent third party that does both, and then fixes the skill for you.
✨ Quality & rewrite
We score structure, triggering, steps, examples, output contract and token budget, then the optimizer does a bounded-edit rewrite of the skill body (not just the description), grounded in retrieved exemplar skills, and reports an estimated before/after. The SkillOpt method — free.
🛡️ Safety scan
Invisible-Unicode / ASCII-smuggling, bidi overrides, prompt injection, secret exfiltration, dangerous code, over-broad tool grants, config/memory poisoning (CLAUDE.md, settings.json, .mcp.json), supply-chain risk. A letter grade and a verdict, with the smuggled bytes shown, never carried.
Browse the Registry
We've already graded 4,000+ public agent skills for quality and safety — independent, vendor-neutral. Search, sort, open any skill's report, and read the SKILL.md. No signup.
▶ 4,011 skills graded · browse →Why Skillproof and not the others
The skill-security space is crowded and we don't pretend otherwise. We win on the three things no one else does together.
Corpus-grounded
Edits are driven by retrieval over 4,000+ curated skills, the reference standard for "what good looks like." Others optimize against your own evals or not at all.
Full body rewrite
First-party tools stop at tuning the description so it triggers. We rewrite the actual logic, and refuse any rewrite that lowers your safety grade.
Vendor-neutral
Not a marketplace, not a security-platform upsell. One independent grade across Claude, Cursor, Codex and Gemini skills, embeddable as a badge.
A report for every skill
Every scan mints a permanent, shareable report: the quality grade, an honest safety signal, the findings, the full SKILL.md, and an embeddable badge. Consult any of the 4,000+ already graded, or scan your own.
▶ see a live report →
FAQ
Isn't skill scanning already a thing?
Yes. Snyk, Socket, Cisco and others scan skills for safety, and they're good. None of them improve your skill. Skillproof leads with the optimizer and bundles a safety scan so you get one honest "safe and good" report.
How is the uplift measured?
The free grade is a deterministic static lint. The optimizer reports a real before/after quality delta. A task-validated uplift (full SkillOpt-style held-out evaluation) is available via an early-access pilot when you bring an eval set, and we label estimates honestly.
Do you store my skill?
A scan creates a shareable report you can delete. Optimizations run against your account. We never train on your private skills.
Which agents are supported?
Anything using the SKILL.md / .skill format: Claude Code & Claude Skills, Cursor, Codex, Gemini CLI. The CLI and GitHub Action run in your own CI.