cisco-ai-skill-scanner 1.0.0__py3-none-any.whl → 1.0.1__py3-none-any.whl

{cisco_ai_skill_scanner-1.0.0.dist-info → cisco_ai_skill_scanner-1.0.1.dist-info}/METADATA

@@ -1,7 +1,7 @@
 Metadata-Version: 2.4
 Name: cisco-ai-skill-scanner
-Version: 1.0.0
-Summary: Security scanner for Claude Skills and Codex Skills packages - Detects prompt injection, data exfiltration, and malicious code
+Version: 1.0.1
+Summary: Security scanner for Agent Skills packages - Detects prompt injection, data exfiltration, and malicious code
 Project-URL: Homepage, https://github.com/cisco-ai-defense/skill-scanner
 Project-URL: Documentation, https://github.com/cisco-ai-defense/skill-scanner#readme
 Project-URL: Repository, https://github.com/cisco-ai-defense/skill-scanner
@@ -68,14 +68,14 @@ Description-Content-Type: text/markdown
 
 A security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns. Combines **pattern-based detection** (YAML + YARA), **LLM-as-a-judge**, and **behavioral dataflow analysis** for comprehensive threat detection.
 
-Supports [Anthropic Claude Skills](https://docs.anthropic.com/en/docs/agents-and-tools/claude-skills), [OpenAI Codex Skills](https://openai.github.io/codex/), and [Cursor Agent Skills](https://docs.cursor.com/context/rules) formats following the [Agent Skills specification](https://agentskills.io).
+Supports [OpenAI Codex Skills](https://openai.github.io/codex/) and [Cursor Agent Skills](https://docs.cursor.com/context/rules) formats following the [Agent Skills specification](https://agentskills.io).
 
 ---
 
 ## Highlights
 
 - **Multi-Engine Detection** - Static analysis, behavioral dataflow, LLM semantic analysis, and cloud-based scanning
-- **False Positive Filtering** - Meta-analyzer achieves ~65% noise reduction while maintaining 100% threat detection
+- **False Positive Filtering** - Meta-analyzer significantly reduces noise while preserving detection capability
 - **CI/CD Ready** - SARIF output for GitHub Code Scanning, exit codes for build failures
 - **Extensible** - Plugin architecture for custom analyzers
 
@@ -151,29 +151,29 @@ export AI_DEFENSE_API_KEY="your_aidefense_api_key"
 
 ```bash
 # Scan a single skill (static analyzer only)
-skill-analyzer scan /path/to/skill
+skill-scanner scan /path/to/skill
 
 # Scan with behavioral analyzer (dataflow analysis)
-skill-analyzer scan /path/to/skill --use-behavioral
+skill-scanner scan /path/to/skill --use-behavioral
 
 # Scan with all engines
-skill-analyzer scan /path/to/skill --use-behavioral --use-llm --use-aidefense
+skill-scanner scan /path/to/skill --use-behavioral --use-llm --use-aidefense
 
 # Scan with meta-analyzer for false positive filtering
-skill-analyzer scan /path/to/skill --use-llm --enable-meta
+skill-scanner scan /path/to/skill --use-llm --enable-meta
 
 # Scan multiple skills recursively
-skill-analyzer scan-all /path/to/skills --recursive --use-behavioral
+skill-scanner scan-all /path/to/skills --recursive --use-behavioral
 
 # CI/CD: Fail build if threats found
-skill-analyzer scan-all ./skills --fail-on-findings --format sarif --output results.sarif
+skill-scanner scan-all ./skills --fail-on-findings --format sarif --output results.sarif
 ```
 
 ### Python SDK
 
 ```python
-from skillanalyzer import SkillScanner
-from skillanalyzer.core.analyzers import StaticAnalyzer, BehavioralAnalyzer
+from skill_scanner import SkillScanner
+from skill_scanner.core.analyzers import StaticAnalyzer, BehavioralAnalyzer
 
 # Create scanner with analyzers
 scanner = SkillScanner(analyzers=[
@@ -221,7 +221,7 @@ print(f"Findings: {len(result.findings)}")
 ## Example Output
 
 ```
-$ skill-analyzer scan ./my-skill --use-behavioral
+$ skill-scanner scan ./my-skill --use-behavioral
 
 ============================================================
 Skill: my-skill

cisco_ai_skill_scanner-1.0.1.dist-info/RECORD

@@ -0,0 +1,100 @@
+skill_scanner/__init__.py,sha256=QuGYhgc529C5Cjtk3Th5t7-Qkx9kxOv6E2GK6soGZQw,1383
+skill_scanner/_version.py,sha256=JvmBpae6cHui8lSCsCcZQAxzawN2NERHGsr-rIUeJMo,704
+skill_scanner/api/__init__.py,sha256=vhuGqXgBx70izjHQOa-cWm3cbHlKhkpEiRjpusQ49vo,746
+skill_scanner/api/api.py,sha256=5fFYh1e1JE06pNtZw-7zMcQMc791ubNlck0VjWzskq8,1027
+skill_scanner/api/api_cli.py,sha256=wMJHSrQWWSg5idCLaWa-irPqhigtt_o1QVukMKvpfGY,2372
+skill_scanner/api/api_server.py,sha256=cjN2P4xHXitKAI9aLztn9bKcFyVxm-2rpsy1OaVxwQo,21110
+skill_scanner/api/router.py,sha256=3u5qPWO48iF09oIm-3oxYkqqO4hT50jCaNQTr2TBfYc,17411
+skill_scanner/cli/__init__.py,sha256=UOFAWN8z8nMviFLHiFrtlcHn4eGbbRZc4B2q8yWlTno,755
+skill_scanner/cli/cli.py,sha256=rnV2C2X-lNqSxPM3rNJ6J9Gde1kap9IAiBnOtpmCbXY,35485
+skill_scanner/config/__init__.py,sha256=S0hMvyq3Vi0wWET74XmbPQmBTBkLXtqFca5PcTYosUM,837
+skill_scanner/config/config.py,sha256=SvK9lvTNjpygc80pamDaGDtOhh99qGBG3EJiFKfEVzc,4698
+skill_scanner/config/config_parser.py,sha256=kGPawiniy35fyUoJvnwRsJsgtIiAjSXHhE3joUcZtn8,3772
+skill_scanner/config/constants.py,sha256=re2KkOtvSnxSJgkamdIU0fjdQ-fUSHX1eQSEfKDXjTA,2512
+skill_scanner/core/__init__.py,sha256=fC3n7lJs_G8CFz2Vg1gfGFe6b0pBiCUs7MRW4kCM1CY,822
+skill_scanner/core/exceptions.py,sha256=F4k2RDXIxrrnNsAsHn7wR277i2dNOXdK-NK0r-m3nF0,2007
+skill_scanner/core/loader.py,sha256=cIU7e5MZHxryr-7UiGwI76eM0Zbm-LrmRGI0mP1_17A,13541
+skill_scanner/core/models.py,sha256=vWAhDpAm4y8Flqp18cH4R4Vh8eOKNHrAHmsx68jXyOk,10551
+skill_scanner/core/scanner.py,sha256=zAtM3Hbs_NNbYV7iq-9W2BURO-H23uRJ-E14S2h_wek,14830
+skill_scanner/core/analyzers/__init__.py,sha256=tctB8Q30gA5V4pdR5yoSpxyIKJZkFTJwowUq6UwddQo,2132
+skill_scanner/core/analyzers/aidefense_analyzer.py,sha256=ws61J3KJsz1DiuucBPCdsWN8ACI_iurtDQzWtFqfCA8,36468
+skill_scanner/core/analyzers/base.py,sha256=4BN6dHLn2Q9hQMLAJTSJXsl6tZgfCqqBxZO9icuu70Q,1374
+skill_scanner/core/analyzers/behavioral_analyzer.py,sha256=dvdTdwUKHqnmEa1nsChcdlJ0V_WvcZrGyHX5uYe0clI,19076
+skill_scanner/core/analyzers/cross_skill_scanner.py,sha256=MTedSXhLagZeXEtvkPV8m_48GqoHMWkh9rR9FR9puLQ,18934
+skill_scanner/core/analyzers/llm_analyzer.py,sha256=6_b0DYTPSA0opLNnQzyuAoVfxgI8PFkEhJEeB-Ajd3w,17835
+skill_scanner/core/analyzers/llm_prompt_builder.py,sha256=28OCgMUE0T-A6GkF5sUY0qPFvaKC1jhB6jPjVPbePsw,10160
+skill_scanner/core/analyzers/llm_provider_config.py,sha256=pbVx7N9OCohjIWjENMq-kiy6_svTn4IYvQfPxlR0M_Y,8488
+skill_scanner/core/analyzers/llm_request_handler.py,sha256=nz_gjnDTr0dT2GbfQMqKR6-n63x38AcB5G4UnPHLY9s,11679
+skill_scanner/core/analyzers/llm_response_parser.py,sha256=wO5ovd4se-KqIPwdZX-r0_tozaJEDUx7Q7yajKntPwk,2682
+skill_scanner/core/analyzers/meta_analyzer.py,sha256=oIMmRfIsS-LUa7qyTpS8HTrGu0TqpUbrrV6gUa5dugU,33371
+skill_scanner/core/analyzers/static.py,sha256=JAUYefYH1Oa3qnFmk78Sw7OuzcCwC1d8BFX6Hoh0wtM,45208
+skill_scanner/core/analyzers/trigger_analyzer.py,sha256=bmJjaGdSqsAyvOIehHbMjLrDWysd7YV9J9TXgMvTEe0,12268
+skill_scanner/core/analyzers/virustotal_analyzer.py,sha256=V7nG-fR2GhfdZhh8JVNvM6gOqRyUGsuxHN1yNRvmw6M,15988
+skill_scanner/core/analyzers/behavioral/__init__.py,sha256=aTuJyqDbylHE2Ags_LaYLbbOkkJxkTDP--VBU-KMPgs,1069
+skill_scanner/core/analyzers/behavioral/alignment/__init__.py,sha256=nB2KWYnDu6I4yGiaewEyySzG4w96hElXiQBqJFfGmP4,1832
+skill_scanner/core/analyzers/behavioral/alignment/alignment_llm_client.py,sha256=mRocjOvf8jM2UQ-_TzcHRQDVkEeoPXu87GjwKiuZ2Yw,8645
+skill_scanner/core/analyzers/behavioral/alignment/alignment_orchestrator.py,sha256=zfkjFz-DDwUEOGDBpJ8cAZi5bH-VP_d_1bJTF1z0Si4,9478
+skill_scanner/core/analyzers/behavioral/alignment/alignment_prompt_builder.py,sha256=oAGvbIBmCP6APYwYXKsVyh0jWBgaiM5N6Bo5YoHbJT8,18041
+skill_scanner/core/analyzers/behavioral/alignment/alignment_response_validator.py,sha256=lu0gPPRbJkZJlkguqwUeSVl43HpMFypICXH_4s8Zjbo,4556
+skill_scanner/core/analyzers/behavioral/alignment/threat_vulnerability_classifier.py,sha256=DCXnbs9Fa2ajFT0We4sOo6nxIk7O_Pc0z01fGMDHsRg,7227
+skill_scanner/core/reporters/__init__.py,sha256=XCqeM_kiS1uvcwymDreueQ2KOzMhG5_4vQgxzReJS4w,943
+skill_scanner/core/reporters/json_reporter.py,sha256=JLlPTbs8ncMJHAXZk7iBWCHdL5Qn2PqHOQldHeH2ZGE,1798
+skill_scanner/core/reporters/markdown_reporter.py,sha256=SPLztJIhOVi0knocvSCCByWdsXWp3rQ1E63VGHaxgm8,7840
+skill_scanner/core/reporters/sarif_reporter.py,sha256=8BUUerHX-gpE-5HYAipfCLH3GdlVuul43ZItHDAB7Bw,8289
+skill_scanner/core/reporters/table_reporter.py,sha256=sotaDM2VzaX4vCR-OrF3GyIX_yv7wWhzS_doyc1I1XE,7044
+skill_scanner/core/rules/__init__.py,sha256=zGlTBVjihqxgg0BKmhdGkyeCzSvRjVEASjBh-M0sn_8,680
+skill_scanner/core/rules/patterns.py,sha256=OuJ6mPlQVy9R8g1Pn9ozWIC8iWfDEuQamdDW5Uu8200,5833
+skill_scanner/core/rules/yara_scanner.py,sha256=U-qYrb92n3664cTt7ynRTMVGGsxhfrSU0OOYV-BnxKc,5326
+skill_scanner/core/static_analysis/__init__.py,sha256=meZnZQj7ChgHek6fIrfd-YInolXCqI37HTUTlQWEm7w,930
+skill_scanner/core/static_analysis/context_extractor.py,sha256=bUOmrkwzUxAVD1_64TZt4eHOhzH42db1W39VPibdmk8,29785
+skill_scanner/core/static_analysis/cfg/__init__.py,sha256=jkvx12ZGddbRVu_0b04Bamr7JX084yD6BLxgOUEHT1w,816
+skill_scanner/core/static_analysis/cfg/builder.py,sha256=Tm1GZ56rfOoNx-3WLmn2MNov2KzPKN-QZgJbBG-9D2c,14932
+skill_scanner/core/static_analysis/dataflow/__init__.py,sha256=eVdTh0JOvQvtKG96gqs_1VvIU0_sRNkV6sXZz6X9o7I,833
+skill_scanner/core/static_analysis/dataflow/forward_analysis.py,sha256=haHWJVz-SZxZpZoEwAsNOum-67ldppe_YBRMZOSJqz0,30747
+skill_scanner/core/static_analysis/interprocedural/__init__.py,sha256=dFIglo65HpWMJ80ejB4tjv54MaNeSymQ5eowD5QGZic,798
+skill_scanner/core/static_analysis/interprocedural/call_graph_analyzer.py,sha256=3azYWJ8A5-I39gc5zK4Iz6g0AAUX_uos4CNh1sVQNQA,14060
+skill_scanner/core/static_analysis/interprocedural/cross_file_analyzer.py,sha256=neP8pdyGhCUHJQmmTXfm0X_CFHlTHh7e3RU7HVJ0UVY,7472
+skill_scanner/core/static_analysis/parser/__init__.py,sha256=AXCg1HHVzyjswGJl4TNFhzwMKxgin8JY2EK00RVv9_Y,769
+skill_scanner/core/static_analysis/parser/python_parser.py,sha256=Imlv4PO6XZKQpdCRZ6jV5uBAySuBN6XnHAqH4LEvvGE,13773
+skill_scanner/core/static_analysis/semantic/__init__.py,sha256=7HS7lJ4APpyfWLTUQ_24aJkrLX2MQTcc4erYFtLKm3o,877
+skill_scanner/core/static_analysis/semantic/name_resolver.py,sha256=TEJQkEaTvkL7dnAZwNbcLALPVw85Qc3FS5jfr4CYEsQ,6218
+skill_scanner/core/static_analysis/semantic/type_analyzer.py,sha256=NXEOZO8-vYZ97SQJ5Gu_YLWFDMDhtvtuixVwYGarmDM,5942
+skill_scanner/core/static_analysis/taint/__init__.py,sha256=71JejlK110K2r3LXNIJOLGCZ7I5Q7cEn8XvfCCoEexA,809
+skill_scanner/core/static_analysis/taint/tracker.py,sha256=1WExA8NAV62X5Az64grI41LkkyMNQ7kFS8Mzf6Id1NI,7182
+skill_scanner/core/static_analysis/types/__init__.py,sha256=XluM6BlZ8ECfdAD-231ONJn13UeDdAGmirPAVc0zePk,937
+skill_scanner/data/__init__.py,sha256=eeZz0MhPMEV-PAx8Eqpbb4ey6EHbXT5g8j-DC4427A4,969
+skill_scanner/data/prompts/boilerplate_protection_rule_prompt.md,sha256=DNXYx13Mcbn2q9hw4msTDDbq_VcYCiVkqBZVFSNfzOg,1471
+skill_scanner/data/prompts/code_alignment_threat_analysis_prompt.md,sha256=OzOOFVCbhSHFYCd4Xg3_q0tIlOe32YRFOje-lZTyYws,25406
+skill_scanner/data/prompts/llm_response_schema.json,sha256=nBPlsOtuqv0zwIns4YY7uZsaAM0uPZ7mkcqe8tNDHl8,2971
+skill_scanner/data/prompts/skill_meta_analysis_prompt.md,sha256=aufAuj71GtMq9jwZfQoXAaZj0x43BAeBhC-fahc3bk4,13926
+skill_scanner/data/prompts/skill_threat_analysis_prompt.md,sha256=sg38JO8PvmxlpPudqzmUhGdv66A6d_Bj4dPiGVc_g8U,11629
+skill_scanner/data/prompts/unified_response_schema.md,sha256=-f1EDpKzxjMMFFxXlakS3rORyLtD1_2XiuNwnty1nQs,3571
+skill_scanner/data/rules/signatures.yaml,sha256=EfP_gQk2tTNLNTaJK1si_yfg6XpmxGDGSaQCqpTnxvs,16465
+skill_scanner/data/yara_rules/autonomy_abuse.yara,sha256=5rbbKXvdWrrIi29T_nBhOQB9erUO8vqK_6TjWok-V2U,2581
+skill_scanner/data/yara_rules/code_execution.yara,sha256=mdXAEqi_Upphzt-NhGascbdG5hu8-UDEiRMfq0lgvWc,1896
+skill_scanner/data/yara_rules/coercive_injection.yara,sha256=3QNzoiHDyhk1zUXHv7_COtCBSsr-bb--H4wKeNRCbBM,5359
+skill_scanner/data/yara_rules/command_injection.yara,sha256=gwZ531smAPzLU1iodtX1JuZOyM_2RwKtBj_SfKjt_20,2163
+skill_scanner/data/yara_rules/credential_harvesting.yara,sha256=7W0pSKpW2KAmek1qP_DpjMHKuswv5L36tWusjuEl6Pc,5643
+skill_scanner/data/yara_rules/prompt_injection.yara,sha256=q5tT7-L__x9RCjdAbFLcs9mSs8gZOmPPzjbdNKRwIHE,2715
+skill_scanner/data/yara_rules/script_injection.yara,sha256=pzVPd7b9WNAS5iw8ZMoUgojKSBlEeSTLHLBho8UiMmA,3100
+skill_scanner/data/yara_rules/skill_discovery_abuse.yara,sha256=l1a2YESrARelhByvKxKaOdohKntMqxYGVcusp-1ZZCk,2452
+skill_scanner/data/yara_rules/sql_injection.yara,sha256=pWq3ccqEvQtWz4fU8dQOkhCgVl6US9SZJDfuBU_YCY4,3691
+skill_scanner/data/yara_rules/system_manipulation.yara,sha256=XoO17sZrarzdC58yyHaIz8z36x5xyxzmQXBnkYdoYfM,2231
+skill_scanner/data/yara_rules/tool_chaining_abuse.yara,sha256=1SyF3_j3VJysDvn1uKkuP9G7F4EhMYXMrq7Xcn1UURI,2255
+skill_scanner/data/yara_rules/transitive_trust_abuse.yara,sha256=8YMYbM5qwn-pqn8EFHJwpKvWyk__n9vEI7bH_MLzF2k,2772
+skill_scanner/data/yara_rules/unicode_steganography.yara,sha256=5UxTvcy8CeWJLrPeldgJ9rY5gfODlC9bTNOkCauuOJA,2650
+skill_scanner/hooks/__init__.py,sha256=W7_Xr71Edm6eHKz9_vZgpERbr0Wx2cyTxPn4YJaGg6o,739
+skill_scanner/hooks/pre_commit.py,sha256=dtajQcyAlSaH15J1O9HHQ67xrGj2P6M2pHN6MZ0htwY,13207
+skill_scanner/threats/__init__.py,sha256=9qlA659fV2Ngl-nV3INIrbVDvXzevHy0F9YAmu_kPWE,875
+skill_scanner/threats/threats.py,sha256=egFsT1crNlWQH3szG8yYIURMXXGh7GJnH3wI8w05nfI,21449
+skill_scanner/utils/__init__.py,sha256=mmzKMNaDQ3EtmD2zr_68gMatm4OETbVNtEXuVESxzJs,906
+skill_scanner/utils/command_utils.py,sha256=74rojYVuVWpv-HVdW0qTIzq0ySPdpBuyNTdIQZDakUM,4291
+skill_scanner/utils/di_container.py,sha256=O3aaQVKcu4t1YUXl9iCZxjSBXnvgddlTgmEp0De_g04,4585
+skill_scanner/utils/file_utils.py,sha256=LT2xwrbqIWaYC-BYAL9zpF6a2xk6QNUVzItvGGJcBn8,2043
+skill_scanner/utils/logging_config.py,sha256=8LJwRCVM-oED_6KRDvtjaL8cvEoR88seX1pDyILeQV4,2939
+skill_scanner/utils/logging_utils.py,sha256=CLdOYmQdJejiLbcECTT2CbDU27PJ327AFMmeuVfCy94,1902
+cisco_ai_skill_scanner-1.0.1.dist-info/METADATA,sha256=Ph3EsZ9hjAj9CbQGa8Cew3SM1iF3RfHowlfVifp_37I,9166
+cisco_ai_skill_scanner-1.0.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+cisco_ai_skill_scanner-1.0.1.dist-info/entry_points.txt,sha256=Qpg94wQPc6kWF_KQ-jf2tL_wCJ3aJfZ4V4vsYz50GIw,175
+cisco_ai_skill_scanner-1.0.1.dist-info/licenses/LICENSE,sha256=b4va5sK_CWxpeDnOO2MF0MKqsiwU-3YblMmWKnmuWZg,653
+cisco_ai_skill_scanner-1.0.1.dist-info/RECORD,,

cisco_ai_skill_scanner-1.0.1.dist-info/entry_points.txt

@@ -0,0 +1,4 @@
+[console_scripts]
+skill-scanner = skill_scanner.cli.cli:main
+skill-scanner-api = skill_scanner.api.api_cli:main
+skill-scanner-pre-commit = skill_scanner.hooks.pre_commit:main

{skillanalyzer → skill_scanner}/__init__.py

@@ -15,15 +15,19 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Claude Skill Analyzer - Security scanner for Claude Skills packages.
+Skill Scanner - Security scanner for agent skills packages.
 """
 
-__version__ = "0.2.0"
+try:
+    from ._version import __version__
+except ImportError:
+    __version__ = "0.0.0+unknown"
+
 __author__ = "Cisco Systems, Inc."
 
 # Core exports
 from .config.config import Config
-from .config.constants import SkillAnalyzerConstants
+from .config.constants import SkillScannerConstants
 from .core.loader import SkillLoader, load_skill
 from .core.models import Finding, Report, ScanResult, Severity, Skill, ThreatCategory
 from .core.scanner import SkillScanner, scan_directory, scan_skill
@@ -41,5 +45,5 @@ __all__ = [
     "SkillLoader",
     "load_skill",
     "Config",
-    "SkillAnalyzerConstants",
+    "SkillScannerConstants",
 ]

{skillanalyzer → skill_scanner}/_version.py

@@ -28,7 +28,7 @@ version_tuple: VERSION_TUPLE
 commit_id: COMMIT_ID
 __commit_id__: COMMIT_ID
 
-__version__ = version = '1.0.0'
-__version_tuple__ = version_tuple = (1, 0, 0)
+__version__ = version = '1.0.1'
+__version_tuple__ = version_tuple = (1, 0, 1)
 
 __commit_id__ = commit_id = None

{skillanalyzer → skill_scanner}/api/__init__.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-REST API server for Claude Skill Analyzer.
+REST API server for Skill Scanner.
 
 Matches MCP Scanner's API structure.
 """

{skillanalyzer → skill_scanner}/api/api.py

@@ -14,9 +14,9 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""API module for Skill Analyzer.
+"""API module for Skill Scanner.
 
-This module provides a FastAPI application for scanning Claude Skills packages.
+This module provides a FastAPI application for scanning agent skills packages.
 """
 
 from fastapi import FastAPI
@@ -24,8 +24,8 @@ from fastapi import FastAPI
 from .router import router as api_router
 
 app = FastAPI(
-    title="Claude Skill Analyzer API",
-    description="Security scanning API for Claude Skills packages",
+    title="Skill Scanner API",
+    description="Security scanning API for agent skills packages",
     version="0.2.0",
     docs_url="/docs",
     redoc_url="/redoc",

{skillanalyzer → skill_scanner}/api/api_cli.py

@@ -25,21 +25,21 @@ import sys
 def main():
     """Main entry point for API server CLI."""
     parser = argparse.ArgumentParser(
-        description="Claude Skill Analyzer API Server",
+        description="Skill Scanner API Server",
         formatter_class=argparse.RawDescriptionHelpFormatter,
         epilog="""
 Examples:
   # Start server on default port
-  skill-analyzer-api
+  skill-scanner-api
 
   # Start on custom port
-  skill-analyzer-api --port 8080
+  skill-scanner-api --port 8080
 
   # Start with auto-reload for development
-  skill-analyzer-api --reload
+  skill-scanner-api --reload
 
   # Custom host and port
-  skill-analyzer-api --host 0.0.0.0 --port 9000
+  skill-scanner-api --host 0.0.0.0 --port 9000
         """,
     )
 
@@ -58,14 +58,14 @@ Examples:
         print("Install with: pip install fastapi uvicorn python-multipart", file=sys.stderr)
         return 1
 
-    print("Starting Claude Skill Analyzer API Server...")
+    print("Starting Skill Scanner API Server...")
     print(f"Server: http://{args.host}:{args.port}")
     print(f"Docs: http://{args.host}:{args.port}/docs")
     print(f"Health: http://{args.host}:{args.port}/health")
     print()
 
     try:
-        uvicorn.run("skillanalyzer.api.api:app", host=args.host, port=args.port, reload=args.reload)
+        uvicorn.run("skill_scanner.api.api:app", host=args.host, port=args.port, reload=args.reload)
     except KeyboardInterrupt:
         print("\nShutting down server...")
         return 0

{skillanalyzer → skill_scanner}/api/api_server.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-REST API server for Claude Skill Analyzer (Phase 4).
+REST API server for Skill Scanner.
 
 Provides HTTP endpoints for skill scanning, similar to MCP Scanner's API server.
 """
@@ -126,8 +126,8 @@ class BatchScanRequest(BaseModel):
 
 # Create FastAPI app
 app = FastAPI(
-    title="Claude Skill Analyzer API",
-    description="Security scanning API for Claude Skills packages",
+    title="Skill Scanner API",
+    description="Security scanning API for agent skills packages",
     version="0.2.0",
     docs_url="/docs",
     redoc_url="/redoc",
@@ -140,7 +140,7 @@ scan_results_cache = {}
 @app.get("/", response_model=dict)
 async def root():
     """Root endpoint."""
-    return {"service": "Claude Skill Analyzer API", "version": "0.2.0", "docs": "/docs", "health": "/health"}
+    return {"service": "Skill Scanner API", "version": "0.2.0", "docs": "/docs", "health": "/health"}
 
 
 @app.get("/health", response_model=HealthResponse)
@@ -309,7 +309,7 @@ async def scan_uploaded_skill(
         raise HTTPException(status_code=400, detail="File must be a ZIP archive")
 
     # Create temporary directory
-    temp_dir = Path(tempfile.mkdtemp(prefix="skill_analyzer_"))
+    temp_dir = Path(tempfile.mkdtemp(prefix="skill_scanner_"))
 
     try:
         # Save uploaded file
@@ -627,7 +627,7 @@ def run_server(host: str = "0.0.0.0", port: int = 8000, reload: bool = False):
     """
     import uvicorn
 
-    uvicorn.run("skillanalyzer.api_server:app", host=host, port=port, reload=reload)
+    uvicorn.run("skill_scanner.api.api_server:app", host=host, port=port, reload=reload)
 
 
 if __name__ == "__main__":

{skillanalyzer → skill_scanner}/api/router.py

@@ -14,7 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""API router for Skill Analyzer endpoints."""
+"""API router for Skill Scanner endpoints."""
 
 import shutil
 import tempfile
@@ -123,7 +123,7 @@ class BatchScanRequest(BaseModel):
 @router.get("/", response_model=dict)
 async def root():
     """Root endpoint."""
-    return {"service": "Claude Skill Analyzer API", "version": "0.2.0", "docs": "/docs", "health": "/health"}
+    return {"service": "Skill Scanner API", "version": "0.2.0", "docs": "/docs", "health": "/health"}
 
 
 @router.get("/health", response_model=HealthResponse)
@@ -282,7 +282,7 @@ async def scan_uploaded_skill(
     if not file.filename or not file.filename.endswith(".zip"):
         raise HTTPException(status_code=400, detail="File must be a ZIP archive")
 
-    temp_dir = Path(tempfile.mkdtemp(prefix="skill_analyzer_"))
+    temp_dir = Path(tempfile.mkdtemp(prefix="skill_scanner_"))
 
     try:
         zip_path = temp_dir / file.filename

{skillanalyzer → skill_scanner}/cli/__init__.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Command-line interface for Claude Skill Analyzer.
+Command-line interface for Skill Scanner.
 
 Matches MCP Scanner's CLI structure.
 """

{skillanalyzer → skill_scanner}/cli/cli.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Command-line interface for the Claude Skill Analyzer.
+Command-line interface for the Skill Scanner.
 """
 
 import argparse
@@ -623,7 +623,7 @@ def generate_multi_skill_summary(report) -> str:
     """Generate a simple summary for multiple skills."""
     lines = []
     lines.append("=" * 60)
-    lines.append("Claude Skills Security Scan Report")
+    lines.append("Agent Skills Security Scan Report")
     lines.append("=" * 60)
     lines.append(f"Skills Scanned: {report.total_skills_scanned}")
     lines.append(f"Safe Skills: {report.safe_count}")
@@ -648,33 +648,33 @@ def generate_multi_skill_summary(report) -> str:
 def main():
     """Main CLI entry point."""
     parser = argparse.ArgumentParser(
-        description="Claude Skill Analyzer - Security scanner for Claude Skills packages",
+        description="Skill Scanner - Security scanner for agent skills packages",
         formatter_class=argparse.RawDescriptionHelpFormatter,
         epilog="""
 Examples:
   # Scan a single skill
-  skill-analyzer scan /path/to/skill
+  skill-scanner scan /path/to/skill
 
   # Scan with behavioral analysis (dataflow tracking)
-  skill-analyzer scan /path/to/skill --use-behavioral
+  skill-scanner scan /path/to/skill --use-behavioral
 
   # Scan with all engines (static + behavioral + LLM)
-  skill-analyzer scan /path/to/skill --use-behavioral --use-llm
+  skill-scanner scan /path/to/skill --use-behavioral --use-llm
 
   # Scan with JSON output
-  skill-analyzer scan /path/to/skill --format json
+  skill-scanner scan /path/to/skill --format json
 
   # Scan all skills in a directory
-  skill-analyzer scan-all /path/to/skills
+  skill-scanner scan-all /path/to/skills
 
   # Scan recursively with all engines
-  skill-analyzer scan-all /path/to/skills --recursive --use-behavioral --use-llm
+  skill-scanner scan-all /path/to/skills --recursive --use-behavioral --use-llm
 
   # List available analyzers
-  skill-analyzer list-analyzers
+  skill-scanner list-analyzers
 
   # Validate rule signatures
-  skill-analyzer validate-rules
+  skill-scanner validate-rules
         """,
     )
 

{skillanalyzer → skill_scanner}/config/__init__.py

@@ -15,12 +15,12 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Configuration management for Claude Skill Analyzer.
+Configuration management for Skill Scanner.
 
 Mirrors MCP Scanner's config structure.
 """
 
 from .config import Config
-from .constants import SkillAnalyzerConstants
+from .constants import SkillScannerConstants
 
-__all__ = ["Config", "SkillAnalyzerConstants"]
+__all__ = ["Config", "SkillScannerConstants"]

{skillanalyzer → skill_scanner}/config/config.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Configuration class for Claude Skill Analyzer.
+Configuration class for Skill Scanner.
 
 Based on MCP Scanner's Config structure.
 """
@@ -28,7 +28,7 @@ from pathlib import Path
 @dataclass
 class Config:
     """
-    Configuration for Claude Skill Analyzer.
+    Configuration for Skill Scanner.
 
     Mirrors MCP Scanner's Config class structure.
     """

{skillanalyzer → skill_scanner}/config/config_parser.py

@@ -14,10 +14,10 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""Configuration parser for Skill Analyzer.
+"""Configuration parser for Skill Scanner.
 
 This module provides functionality to parse configuration files
-and environment variables for Skill Analyzer.
+and environment variables for Skill Scanner.
 """
 
 import os
@@ -25,7 +25,7 @@ from pathlib import Path
 
 from ..utils.logging_config import get_logger
 from .config import Config
-from .constants import SkillAnalyzerConstants
+from .constants import SkillScannerConstants
 
 logger = get_logger(__name__)
 
@@ -74,10 +74,10 @@ def parse_config_file(config_path: str | None = None) -> Config:
     if not config_path:
         # Try to find default config file
         default_paths = [
-            Path.home() / ".skillanalyzer" / "config.yaml",
-            Path.home() / ".skillanalyzer" / "config.json",
-            Path.cwd() / ".skillanalyzer.yaml",
-            Path.cwd() / ".skillanalyzer.json",
+            Path.home() / ".skill_scanner" / "config.yaml",
+            Path.home() / ".skill_scanner" / "config.json",
+            Path.cwd() / ".skill_scanner.yaml",
+            Path.cwd() / ".skill_scanner.json",
         ]
 
         for path in default_paths:
@@ -96,11 +96,11 @@ def parse_config_file(config_path: str | None = None) -> Config:
 
 
 class ConfigParser:
-    """Parser for Skill Analyzer configuration files."""
+    """Parser for Skill Scanner configuration files."""
 
     def __init__(self):
         """Initialize the config parser."""
-        self.constants = SkillAnalyzerConstants
+        self.constants = SkillScannerConstants
 
     def parse(self, config_path: str | None = None) -> Config:
         """Parse configuration from file and environment.

{skillanalyzer → skill_scanner}/config/constants.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Constants for Claude Skill Analyzer.
+Constants for Skill Scanner.
 
 Mirrors MCP Scanner's constants structure.
 """
@@ -23,7 +23,7 @@ Mirrors MCP Scanner's constants structure.
 from pathlib import Path
 
 
-class SkillAnalyzerConstants:
+class SkillScannerConstants:
     """Constants used throughout the analyzer."""
 
     # Version

{skillanalyzer → skill_scanner}/core/__init__.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Core functionality for Claude Skill Analyzer.
+Core functionality for Skill Scanner.
 
 This module contains the core components including analyzers, scanner engine,
 and data models.

{skillanalyzer → skill_scanner}/core/analyzers/__init__.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Analyzer modules for detecting security vulnerabilities in Claude Skills.
+Analyzer modules for detecting security vulnerabilities in agent skills.
 
 Structure mirrors MCP Scanner's analyzer organization.
 """
@@ -61,9 +61,9 @@ except (ImportError, ModuleNotFoundError):
     pass
 
 try:
-    from .cross_skill_analyzer import CrossSkillAnalyzer  # noqa: F401
+    from .cross_skill_scanner import CrossSkillScanner  # noqa: F401
 
-    __all__.append("CrossSkillAnalyzer")
+    __all__.append("CrossSkillScanner")
 except (ImportError, ModuleNotFoundError):
     pass
 

{skillanalyzer → skill_scanner}/core/analyzers/aidefense_analyzer.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-AI Defense API analyzer for Claude Skills security scanning.
+AI Defense API analyzer for agent skills security scanning.
 
 Integrates with Cisco AI Defense API (https://api.aidefense.cisco.com) for:
 - Prompt injection detection
@@ -325,7 +325,7 @@ class AIDefenseAnalyzer(BaseAnalyzer):
                 }
             ]
             metadata = {
-                "source": "skill_analyzer",
+                "source": "skill_scanner",
                 "skill_name": skill_name,
                 "file_path": file_path,
                 "content_type": content_type,
@@ -465,7 +465,7 @@ class AIDefenseAnalyzer(BaseAnalyzer):
                 {"role": "user", "content": f"# Code Analysis for {file_path}\n```{language}\n{content[:15000]}\n```"}
             ]
             metadata = {
-                "source": "skill_analyzer",
+                "source": "skill_scanner",
                 "skill_name": skill_name,
                 "file_path": file_path,
                 "language": language,

{skillanalyzer → skill_scanner}/core/analyzers/behavioral/__init__.py

@@ -14,7 +14,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""Behavioral Analysis Package for Claude Skills.
+"""Behavioral Analysis Package for Agent Skills.
 
 This package provides enhanced behavioral analysis capabilities including:
 - Alignment verification between skill description and code behavior

{skillanalyzer → skill_scanner}/core/analyzers/behavioral/alignment/alignment_llm_client.py

@@ -192,7 +192,7 @@ class AlignmentLLMClient:
                     {
                         "role": "system",
                         "content": (
-                            "You are a security expert analyzing Claude Skills. "
+                            "You are a security expert analyzing agent skills. "
                             "You receive complete dataflow analysis and code context. "
                             "Analyze if the skill description accurately describes what the code actually does. "
                             "Respond ONLY with valid JSON. Do not include any markdown formatting or code blocks."