# SkillAudit

Security scanner for AI agent skills and MCP servers. Detects credential theft, data exfiltration, prompt injection, obfuscated code, and 80+ threat patterns. Free API + CLI (npx skillaudit). Premium…

## Quick Start

```bash
# Connect this server (installs CLI if needed)
npx -y @smithery/cli@latest mcp add megamind-0x/skillaudit

# Browse available tools
npx -y @smithery/cli@latest tool list megamind-0x/skillaudit

# Get full schema for a tool
npx -y @smithery/cli@latest tool get megamind-0x/skillaudit scan_url

# Call a tool
npx -y @smithery/cli@latest tool call megamind-0x/skillaudit scan_url '{}'
```

## Direct MCP Connection

Endpoint: `https://skillaudit--megamind-0x.run.tools`

## Tools (4)

- `scan_url` — Scan a skill/MCP server by URL for security issues. Returns risk level, findings, and verdict.
- `scan_github` — Scan a GitHub repository for skill files and security issues.
- `gate_check` — Pre-install gate check. Returns allow/warn/deny decision for a skill URL.
- `reputation_check` — Check the reputation of a domain based on aggregated scan history.

```bash
# Get full input/output schema for a tool
npx -y @smithery/cli@latest tool get megamind-0x/skillaudit <tool-name>
```