skill-checker 0.1.2 → 0.1.3
- package/README.md +14 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -4,12 +4,25 @@ Security checker for Claude Code skills — detect injection, malicious code, an
|
|
|
4
4
|
|
|
5
5
|
## Features
|
|
6
6
|
|
|
7
|
-
- **
|
|
7
|
+
- **51 security rules** across 6 categories: structural validity, content quality, injection detection, code safety, supply chain, and resource abuse
|
|
8
8
|
- **Scoring system**: Grade A–F with 0–100 score
|
|
9
9
|
- **Dual entry**: CLI tool + PreToolUse hook for automatic interception
|
|
10
10
|
- **Configurable policies**: strict / balanced / permissive approval strategies
|
|
11
11
|
- **Multiple output formats**: terminal (color), JSON, hook response
|
|
12
12
|
|
|
13
|
+
## Security Standard & Benchmark
|
|
14
|
+
|
|
15
|
+
Skill Checker's 51 rules are aligned with established security frameworks
|
|
16
|
+
including OWASP Top 10 for LLM Applications (2025), MITRE CWE, and MITRE
|
|
17
|
+
ATT&CK. The tool ships with a reproducible benchmark dataset of six fixture
|
|
18
|
+
skills covering all rule categories. This alignment is an internal mapping
|
|
19
|
+
exercise — Skill Checker does not claim third-party certification or
|
|
20
|
+
external audit status.
|
|
21
|
+
|
|
22
|
+
See [docs/SECURITY_BENCHMARK.md](docs/SECURITY_BENCHMARK.md) for the full
|
|
23
|
+
rule mapping matrix, benchmark methodology, scoring model, and known
|
|
24
|
+
limitations.
|
|
25
|
+
|
|
13
26
|
## Quick Start
|
|
14
27
|
|
|
15
28
|
```bash
|
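Review bot: the relative link `docs/SECURITY_BENCHMARK.md` in the new "Security Standard & Benchmark" section is the only place a reader can check the mapping to OWASP Top 10 for LLM Applications (2025), MITRE CWE and MITRE ATT&CK, yet the changed-file list for this release shows only `package/README.md` and `package/package.json`. Confirm that the document and the six fixture skills are actually included in the published package, or point the link at an absolute URL, so it is not dead on the registry page. The count "51" is also hard-coded twice, in the Features bullet and in the new section, and the two will drift when rules are added; stating it once and referring to "the rule set" elsewhere would avoid that. The sentence disclaiming third-party certification or external audit status is worth keeping as written.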
package/package.json
CHANGED