From mph-kit
Audits an AI agent's skills tree, detecting dead skills, missing documentation, unsafe shell commands, and duplicate triggers. Generates a detailed health report.
How this skill is triggered — by the user, by Claude, or both
Slash command
/mph-kit:skill-wardenThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
*"Trust, but verify."*
"Trust, but verify."
With a repository containing over 100+ highly specialized agent skills, technical debt and security risks become non-trivial. Skill Warden automates the health and security audits of the skills/ directory.
SKILL.md formatting.rm -rf, --delete with rsync) or unauthorized external API calls.When invoked via "Run Skill Warden" or "Audit my skills":
SKILL.md files.skill_audit_report.md artifact detailing warnings, critical errors, and a list of deprecated skills.npx claudepluginhub mphinance/alpha-skills --plugin mph-kitAudits locally installed agent skills for security/policy issues using SkillLens CLI. Scans skill directories, produces risk-focused reports with verdicts and evidence.
Scans agent skills for prompt injection, malicious code, excessive permissions, secret exposure, and supply chain risks before adoption.
Audits AI agent skills for security threats before installation. Runs static checks across ten categories including code execution, credential harvesting, prompt injection, and supply-chain hooks, producing a PASS/WARN/FAIL verdict.