cisco-ai-skill-scanner 1.0.0__py3-none-any.whl → 1.0.2__py3-none-any.whl

{skillanalyzer → skill_scanner}/core/analyzers/meta_analyzer.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-LLM Meta-Analyzer for Claude Skills Security Scanner.
+LLM Meta-Analyzer for Agent Skills Security Scanner.
 
 Performs second-pass LLM analysis on findings from multiple analyzers to:
 - Filter false positives based on contextual understanding
@@ -339,7 +339,7 @@ class MetaAnalyzer(BaseAnalyzer):
 
     def _get_default_system_prompt(self) -> str:
         """Get default system prompt if file not found."""
-        return """You are a senior security analyst performing meta-analysis on Claude Skill security findings.
+        return """You are a senior security analyst performing meta-analysis on Agent Skill security findings.
 Your role is to review findings from multiple analyzers, identify false positives,
 prioritize by actual risk, correlate related issues, and provide actionable recommendations.
 
@@ -787,29 +787,42 @@ def apply_meta_analysis_to_results(
     meta_result: MetaAnalysisResult,
     skill: Skill,
 ) -> list[Finding]:
-    """Apply meta-analysis results to filter and enrich findings.
+    """Apply meta-analysis results to enrich all findings with metadata.
 
     This function:
-    1. Filters out false positives identified by meta-analysis
+    1. Marks false positives with metadata (but keeps them in output)
     2. Adds meta-analysis enrichments to validated findings
     3. Adds any new threats detected by meta-analyzer
 
+    All findings are retained in the output with metadata indicating whether
+    they were identified as false positives. This allows downstream consumers
+    (like VS Code extensions) to filter or display them as needed.
+
     Args:
         original_findings: Original findings from all analyzers
         meta_result: Results from meta-analysis
         skill: The skill being analyzed
 
     Returns:
-        Filtered and enriched list of findings
+        All findings with meta-analysis metadata added
     """
-    # Build set of false positive indices
-    fp_indices = set()
+    # Build false positive lookup with reasons and metadata
+    fp_data: dict[int, dict[str, Any]] = {}
     for fp in meta_result.false_positives:
         if "_index" in fp:
-            fp_indices.add(fp["_index"])
+            fp_data[fp["_index"]] = {
+                "reason": fp.get("reason") or fp.get("false_positive_reason") or "Identified as likely false positive",
+                "confidence": fp.get("confidence"),
+            }
 
     # Build enrichment lookup from validated findings
-    enrichments = {}
+    enrichments: dict[int, dict[str, Any]] = {}
+    priority_lookup: dict[int, int] = {}
+
+    # Build priority rank lookup from priority_order
+    for rank, idx in enumerate(meta_result.priority_order, start=1):
+        priority_lookup[idx] = rank
+
     for vf in meta_result.validated_findings:
         idx = vf.get("_index")
         if idx is not None:
@@ -821,25 +834,44 @@ def apply_meta_analysis_to_results(
                 "meta_impact": vf.get("impact"),
             }
 
-    # Filter and enrich original findings
+    # Enrich all findings (do not filter out false positives)
     result_findings = []
     for i, finding in enumerate(original_findings):
-        # Skip false positives
-        if i in fp_indices:
-            continue
-
-        # Add enrichments if available
-        if i in enrichments:
-            for key, value in enrichments[i].items():
-                if value is not None:
-                    finding.metadata[key] = value
+        # Ensure metadata dict exists
+        if finding.metadata is None:
+            finding.metadata = {}
+
+        # Mark false positives with metadata (but keep them in output)
+        if i in fp_data:
+            finding.metadata["meta_false_positive"] = True
+            finding.metadata["meta_reason"] = fp_data[i]["reason"]
+            if fp_data[i].get("confidence") is not None:
+                finding.metadata["meta_confidence"] = fp_data[i]["confidence"]
         else:
-            finding.metadata["meta_reviewed"] = True
+            # Mark as validated (not a false positive)
+            finding.metadata["meta_false_positive"] = False
+
+            # Add enrichments if available for validated findings
+            if i in enrichments:
+                for key, value in enrichments[i].items():
+                    if value is not None:
+                        finding.metadata[key] = value
+            else:
+                finding.metadata["meta_reviewed"] = True
+
+        # Add priority rank if available
+        if i in priority_lookup:
+            finding.metadata["meta_priority"] = priority_lookup[i]
 
         result_findings.append(finding)
 
     # Add missed threats as new findings
     missed_findings = meta_result.get_missed_threats(skill)
+    for mf in missed_findings:
+        # Ensure missed threats are marked as validated (not false positives)
+        if mf.metadata is None:
+            mf.metadata = {}
+        mf.metadata["meta_false_positive"] = False
     result_findings.extend(missed_findings)
 
     return result_findings

{skillanalyzer → skill_scanner}/core/analyzers/static.py

@@ -24,6 +24,7 @@ import re
 from pathlib import Path
 from typing import Any
 
+from ...config.yara_modes import DEFAULT_YARA_MODE, YaraModeConfig
 from ...core.models import Finding, Severity, Skill, ThreatCategory
 from ...core.rules.patterns import RuleLoader, SecurityRule
 from ...core.rules.yara_scanner import YaraScanner
@@ -91,28 +92,93 @@ _RM_TARGET_PATTERN = re.compile(r"rm\s+-r[^;]*?\s+([^\s;]+)")
 class StaticAnalyzer(BaseAnalyzer):
     """Static pattern-based security analyzer."""
 
-    def __init__(self, rules_file: Path | None = None, use_yara: bool = True):
+    def __init__(
+        self,
+        rules_file: Path | None = None,
+        use_yara: bool = True,
+        yara_mode: YaraModeConfig | str | None = None,
+        custom_yara_rules_path: str | Path | None = None,
+        disabled_rules: set[str] | None = None,
+    ):
         """
         Initialize static analyzer.
 
         Args:
-            rules_file: Optional custom rules file
+            rules_file: Optional custom YAML rules file
             use_yara: Whether to use YARA scanning (default: True)
+            yara_mode: YARA detection mode - can be:
+                - YaraModeConfig instance
+                - Mode name string: "strict", "balanced", "permissive"
+                - None for default (balanced)
+            custom_yara_rules_path: Path to directory containing custom YARA rules
+                (.yara files). If provided, uses these instead of built-in rules.
+            disabled_rules: Set of rule names to disable. Rules can be YARA rule
+                names (e.g., "YARA_script_injection") or static rule IDs
+                (e.g., "COMMAND_INJECTION_EVAL").
         """
         super().__init__("static_analyzer")
 
         self.rule_loader = RuleLoader(rules_file)
         self.rule_loader.load_rules()
 
+        # Configure YARA mode
+        if yara_mode is None:
+            self.yara_mode = DEFAULT_YARA_MODE
+        elif isinstance(yara_mode, str):
+            self.yara_mode = YaraModeConfig.from_mode_name(yara_mode)
+        else:
+            self.yara_mode = yara_mode
+
+        # Store disabled rules (merge with mode-based disabled rules)
+        self.disabled_rules = set(disabled_rules or set())
+        self.disabled_rules.update(self.yara_mode.disabled_rules)
+
+        # Store custom YARA rules path
+        self.custom_yara_rules_path = Path(custom_yara_rules_path) if custom_yara_rules_path else None
+
         self.use_yara = use_yara
         self.yara_scanner = None
         if use_yara:
             try:
-                self.yara_scanner = YaraScanner()
+                # Use custom rules path if provided
+                if self.custom_yara_rules_path:
+                    self.yara_scanner = YaraScanner(rules_dir=self.custom_yara_rules_path)
+                    logger.info("Using custom YARA rules from: %s", self.custom_yara_rules_path)
+                else:
+                    self.yara_scanner = YaraScanner()
             except Exception as e:
                 logger.warning("Could not load YARA scanner: %s", e)
                 self.yara_scanner = None
 
+    def _is_rule_enabled(self, rule_name: str) -> bool:
+        """
+        Check if a rule is enabled.
+
+        A rule is enabled if:
+        1. It's enabled in the current YARA mode
+        2. It's not in the explicitly disabled rules set
+
+        Args:
+            rule_name: Name of the rule to check (e.g., "YARA_script_injection")
+
+        Returns:
+            True if the rule is enabled, False otherwise
+        """
+        # Check mode-based enable/disable first
+        if not self.yara_mode.is_rule_enabled(rule_name):
+            return False
+
+        # Check if explicitly disabled via --disable-rule
+        if rule_name in self.disabled_rules:
+            return False
+
+        # Also check without YARA_ prefix for convenience
+        base_name = rule_name.replace("YARA_", "") if rule_name.startswith("YARA_") else rule_name
+        if base_name in self.disabled_rules:
+            return False
+
+        return True
+
     def analyze(self, skill: Skill) -> list[Finding]:
         """
         Analyze skill using static pattern matching.
@@ -144,6 +210,10 @@ class StaticAnalyzer(BaseAnalyzer):
 
         findings.extend(self._scan_asset_files(skill))
 
+        # Filter out disabled rules
+        if self.disabled_rules:
+            findings = [f for f in findings if self._is_rule_enabled(f.rule_id)]
+
         return findings
 
     def _check_manifest(self, skill: Skill) -> list[Finding]:
@@ -157,10 +227,10 @@ class StaticAnalyzer(BaseAnalyzer):
                     id=self._generate_finding_id("MANIFEST_INVALID_NAME", "manifest"),
                     rule_id="MANIFEST_INVALID_NAME",
                     category=ThreatCategory.POLICY_VIOLATION,
-                    severity=Severity.LOW,
-                    title="Skill name does not follow Claude Skills naming rules",
+                    severity=Severity.INFO,
+                    title="Skill name does not follow agent skills naming rules",
                     description=(
-                        f"Skill name '{manifest.name}' is invalid. Claude Skills require lowercase letters, numbers, "
+                        f"Skill name '{manifest.name}' is invalid. Agent skills require lowercase letters, numbers, "
                         f"and hyphens only, with a maximum length of 64 characters."
                     ),
                     file_path="SKILL.md",
@@ -176,9 +246,9 @@ class StaticAnalyzer(BaseAnalyzer):
                     rule_id="MANIFEST_DESCRIPTION_TOO_LONG",
                     category=ThreatCategory.POLICY_VIOLATION,
                     severity=Severity.LOW,
-                    title="Skill description exceeds Claude Skills length limit",
+                    title="Skill description exceeds agent skills length limit",
                     description=(
-                        f"Skill description is {len(manifest.description)} characters; Claude Skills limit the "
+                        f"Skill description is {len(manifest.description)} characters; Agent skills limit the "
                         f"`description` field to 1024 characters."
                     ),
                     file_path="SKILL.md",
@@ -220,7 +290,7 @@ class StaticAnalyzer(BaseAnalyzer):
                         title="Potential Anthropic brand impersonation",
                         description="Skill name or description contains 'Anthropic', suggesting official affiliation",
                         file_path="SKILL.md",
-                        remediation="Do not impersonate official Anthropic skills or use Anthropic branding without authorization",
+                        remediation="Do not impersonate official skills or use unauthorized branding",
                         analyzer="static",
                     )
                 )
@@ -232,10 +302,10 @@ class StaticAnalyzer(BaseAnalyzer):
                     rule_id="SOCIAL_ENG_ANTHROPIC_IMPERSONATION",
                     category=ThreatCategory.SOCIAL_ENGINEERING,
                     severity=Severity.HIGH,
-                    title="Claims to be official Claude skill",
-                    description="Skill claims to be an 'official' Claude skill",
+                    title="Claims to be official skill",
+                    description="Skill claims to be an 'official' skill",
                     file_path="SKILL.md",
-                    remediation="Remove 'official' claims unless authorized by Anthropic",
+                    remediation="Remove 'official' claims unless properly authorized",
                     analyzer="static",
                 )
             )
@@ -246,7 +316,7 @@ class StaticAnalyzer(BaseAnalyzer):
                     id=self._generate_finding_id("MANIFEST_MISSING_LICENSE", "manifest"),
                     rule_id="MANIFEST_MISSING_LICENSE",
                     category=ThreatCategory.POLICY_VIOLATION,
-                    severity=Severity.LOW,
+                    severity=Severity.INFO,
                     title="Skill does not specify a license",
                     description="Skill manifest does not include a 'license' field. Specifying a license helps users understand usage terms.",
                     file_path="SKILL.md",
@@ -553,7 +623,7 @@ class StaticAnalyzer(BaseAnalyzer):
         ]
 
         socket_external_indicators = ["socket.connect", "socket.create_connection"]
-        socket_localhost_indicators = ["localhost", "127.0.0.1", "0.0.0.0"]
+        socket_localhost_indicators = ["localhost", "127.0.0.1", "::1"]
 
         for skill_file in skill.get_scripts():
             content = skill_file.read_content()
@@ -622,8 +692,8 @@ class StaticAnalyzer(BaseAnalyzer):
                     Finding(
                         id=self._generate_finding_id("ALLOWED_TOOLS_WRITE_VIOLATION", skill.name),
                         rule_id="ALLOWED_TOOLS_WRITE_VIOLATION",
-                        category=ThreatCategory.UNAUTHORIZED_TOOL_USE,
-                        severity=Severity.HIGH,
+                        category=ThreatCategory.POLICY_VIOLATION,
+                        severity=Severity.MEDIUM,
                         title="Skill declares no Write tool but bundled scripts write files",
                         description=(
                             f"Skill restricts tools to {skill.manifest.allowed_tools} but bundled scripts appear to "
@@ -651,22 +721,11 @@ class StaticAnalyzer(BaseAnalyzer):
                     )
                 )
 
-        if "python" not in allowed_tools_lower:
-            python_scripts = [f for f in skill.files if f.file_type == "python" and f.relative_path != "SKILL.md"]
-            if python_scripts:
-                findings.append(
-                    Finding(
-                        id=self._generate_finding_id("ALLOWED_TOOLS_PYTHON_VIOLATION", skill.name),
-                        rule_id="ALLOWED_TOOLS_PYTHON_VIOLATION",
-                        category=ThreatCategory.UNAUTHORIZED_TOOL_USE,
-                        severity=Severity.HIGH,
-                        title="Python scripts present but Python tool not in allowed-tools",
-                        description=f"Skill restricts tools to {skill.manifest.allowed_tools} but includes Python scripts",
-                        file_path=None,
-                        remediation="Add 'Python' to allowed-tools or remove Python scripts",
-                        analyzer="static",
-                    )
-                )
+        # Note: ALLOWED_TOOLS_PYTHON_VIOLATION removed - too many false positives
+        # Many skills include Python helper scripts that are NOT invoked directly by the agent
+        # (e.g., build scripts, test files, utilities). The allowed-tools list controls what
+        # the AGENT can use, not what helper scripts exist in the repo.
+        # If direct Python execution is a concern, COMMAND_INJECTION_EVAL catches actual risks.
 
         if "grep" not in allowed_tools_lower:
             if self._code_uses_grep(skill):
@@ -927,6 +986,10 @@ class StaticAnalyzer(BaseAnalyzer):
 
         yara_matches = self.yara_scanner.scan_content(skill.instruction_body, "SKILL.md")
         for match in yara_matches:
+            rule_name = match.get("rule_name", "")
+            # Check if rule is enabled in current mode and not explicitly disabled
+            if not self._is_rule_enabled(rule_name):
+                continue
             findings.extend(self._create_findings_from_yara_match(match, skill))
 
         for skill_file in skill.get_scripts():
@@ -935,7 +998,7 @@ class StaticAnalyzer(BaseAnalyzer):
                 yara_matches = self.yara_scanner.scan_content(content, skill_file.relative_path)
                 for match in yara_matches:
                     rule_name = match.get("rule_name", "")
-                    if rule_name == "skill_discovery_abuse":
+                    if rule_name == "capability_inflation_generic":
                         continue
                     findings.extend(self._create_findings_from_yara_match(match, skill, content))
 
@@ -1006,8 +1069,28 @@ class StaticAnalyzer(BaseAnalyzer):
             ".cache",
         }
 
+        PLACEHOLDER_MARKERS = {
+            "your-",
+            "your_",
+            "your ",
+            "example",
+            "sample",
+            "dummy",
+            "placeholder",
+            "replace",
+            "changeme",
+            "change_me",
+            "<your",
+            "<insert",
+        }
+
         for string_match in match["strings"]:
-            if rule_name == "code_execution":
+            # Skip exclusion patterns (these are used in YARA conditions but shouldn't create findings)
+            string_identifier = string_match.get("identifier", "")
+            if string_identifier.startswith("$documentation") or string_identifier.startswith("$safe"):
+                continue
+
+            if rule_name == "code_execution_generic":
                 line_content = string_match.get("line_content", "").lower()
                 matched_data = string_match.get("matched_data", "").lower()
 
@@ -1028,7 +1111,7 @@ class StaticAnalyzer(BaseAnalyzer):
                 if is_safe_command:
                     continue
 
-            if rule_name == "system_manipulation":
+            if rule_name == "system_manipulation_generic":
                 line_content = string_match.get("line_content", "").lower()
 
                 if "rm -rf" in line_content or "rm -r" in line_content:
@@ -1040,6 +1123,73 @@ class StaticAnalyzer(BaseAnalyzer):
                         if all_safe:
                             continue
 
+            # Credential harvesting post-filters (controlled by mode)
+            if rule_name == "credential_harvesting_generic":
+                if self.yara_mode.credential_harvesting.filter_placeholder_patterns:
+                    line_content = string_match.get("line_content", "")
+                    matched_data = string_match.get("matched_data", "")
+                    combined = f"{line_content} {matched_data}".lower()
+
+                    if any(marker in combined for marker in PLACEHOLDER_MARKERS):
+                        continue
+
+                    if "export " in combined and "=" in combined:
+                        _, value = combined.split("=", 1)
+                        if any(marker in value for marker in PLACEHOLDER_MARKERS):
+                            continue
+
+            # Tool chaining post-filters (controlled by mode)
+            if rule_name == "tool_chaining_abuse_generic":
+                line_content = string_match.get("line_content", "")
+                lower_line = line_content.lower()
+                exfil_hints = ("send", "upload", "transmit", "webhook", "slack", "exfil", "forward")
+
+                if self.yara_mode.tool_chaining.filter_generic_http_verbs:
+                    if (
+                        "get" in lower_line
+                        and "post" in lower_line
+                        and not any(hint in lower_line for hint in exfil_hints)
+                    ):
+                        continue
+
+                if self.yara_mode.tool_chaining.filter_api_documentation:
+                    if any(
+                        token in line_content for token in ("@app.", "app.", "router.", "route", "endpoint")
+                    ) and not any(hint in lower_line for hint in exfil_hints):
+                        continue
+
+                if self.yara_mode.tool_chaining.filter_email_field_mentions:
+                    if "by email" in lower_line or "email address" in lower_line or "email field" in lower_line:
+                        continue
+
+            # Unicode steganography post-filters
+            if rule_name == "prompt_injection_unicode_steganography":
+                line_content = string_match.get("line_content", "")
+                matched_data = string_match.get("matched_data", "")
+                has_ascii_letters = any("A" <= char <= "Z" or "a" <= char <= "z" for char in line_content)
+
+                # Filter short matches in non-Latin context (likely legitimate i18n)
+                if len(matched_data) <= 2 and not has_ascii_letters:
+                    continue
+
+                # Filter if context suggests legitimate internationalization
+                i18n_markers = ("i18n", "locale", "translation", "lang=", "charset", "utf-8", "encoding")
+                if any(marker in line_content.lower() for marker in i18n_markers):
+                    continue
+
+                # Filter Cyrillic, CJK, Arabic, Hebrew text (legitimate non-Latin content)
+                # These are indicated by presence of those scripts without zero-width chars
+                cyrillic_cjk_pattern = any(
+                    ("\u0400" <= char <= "\u04ff")  # Cyrillic
+                    or ("\u4e00" <= char <= "\u9fff")  # CJK Unified
+                    or ("\u0600" <= char <= "\u06ff")  # Arabic
+                    or ("\u0590" <= char <= "\u05ff")  # Hebrew
+                    for char in line_content
+                )
+                # If the line has legitimate non-Latin text but matched only 1-2 zero-width chars, skip
+                if cyrillic_cjk_pattern and len(matched_data) < 10:
+                    continue
+
             finding_id = self._generate_finding_id(f"YARA_{rule_name}", f"{file_path}:{string_match['line_number']}")
 
             description = meta.get("description", f"YARA rule {rule_name} matched")

{skillanalyzer → skill_scanner}/core/analyzers/trigger_analyzer.py

@@ -17,7 +17,7 @@
 """
 Trigger analyzer for detecting overly generic skill descriptions.
 
-Claude uses skill descriptions to decide when to activate a skill.
+AI agents use skill descriptions to decide when to activate a skill.
 Overly generic descriptions can cause trigger hijacking where a skill
 activates for unrelated user requests.
 """
@@ -220,7 +220,7 @@ class TriggerAnalyzer(BaseAnalyzer):
                     title="Skill description is too short",
                     description=(
                         f"Description has only {len(words)} words. "
-                        f"Short descriptions may not provide enough context for Claude to determine "
+                        f"Short descriptions may not provide enough context for the agent to determine "
                         f"when this skill should be used."
                     ),
                     file_path="SKILL.md",

{skillanalyzer → skill_scanner}/core/exceptions.py

@@ -14,14 +14,14 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-"""Skill Analyzer exceptions.
+"""Skill Scanner exceptions.
 
-This module defines custom exceptions for Skill Analyzer operations.
-All exceptions inherit from SkillAnalyzerError for easy catching.
+This module defines custom exceptions for Skill Scanner operations.
+All exceptions inherit from SkillScannerError for easy catching.
 
 Example:
-    >>> from skillanalyzer import Scanner
-    >>> from skillanalyzer.core.exceptions import SkillLoadError
+    >>> from skill_scanner import Scanner
+    >>> from skill_scanner.core.exceptions import SkillLoadError
     >>>
     >>> scanner = Scanner()
     >>>
@@ -34,13 +34,13 @@ Example:
 """
 
 
-class SkillAnalyzerError(Exception):
-    """Base exception for all Skill Analyzer errors."""
+class SkillScannerError(Exception):
+    """Base exception for all Skill Scanner errors."""
 
     pass
 
 
-class SkillLoadError(SkillAnalyzerError):
+class SkillLoadError(SkillScannerError):
     """Raised when unable to load a skill package.
 
     This can indicate:
@@ -53,7 +53,7 @@ class SkillLoadError(SkillAnalyzerError):
     pass
 
 
-class SkillAnalysisError(SkillAnalyzerError):
+class SkillAnalysisError(SkillScannerError):
     """Raised when skill analysis fails.
 
     This typically indicates:
@@ -65,7 +65,7 @@ class SkillAnalysisError(SkillAnalyzerError):
     pass
 
 
-class SkillValidationError(SkillAnalyzerError):
+class SkillValidationError(SkillScannerError):
     """Raised when skill validation fails.
 
     This indicates:

{skillanalyzer → skill_scanner}/core/loader.py

@@ -33,10 +33,10 @@ class SkillLoadError(Exception):
 
 
 class SkillLoader:
-    """Loads and parses Claude Skill, Codex Skill, and Cursor Agent Skill packages.
+    """Loads and parses Agent Skill packages.
 
-    Supports the Agent Skills specification format used by Claude Skills,
-    OpenAI Codex Skills, and Cursor Agent Skills. Skills are structured as:
+    Supports the Agent Skills specification format used by
+    OpenAI Codex Skills and Cursor Agent Skills. Skills are structured as:
     - SKILL.md (required): YAML frontmatter + Markdown instructions
     - scripts/ (optional): Executable code (Python, Bash)
     - references/ (optional): Documentation and data files
@@ -143,7 +143,7 @@ class SkillLoader:
             # YAML has explicit metadata key (Codex Skills format)
             metadata_field = metadata["metadata"]
         else:
-            # Collect remaining fields as metadata (Claude Skills format)
+            # Collect remaining fields as metadata (Agent Skills format)
             # Exclude known fields from being collected as metadata
             known_fields = [
                 "name",

{skillanalyzer → skill_scanner}/core/models.py

@@ -15,7 +15,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 """
-Data models for Claude Skills and security findings.
+Data models for agent skills and security findings.
 """
 
 from dataclasses import dataclass, field
@@ -49,6 +49,7 @@ class ThreatCategory(str, Enum):
     RESOURCE_ABUSE = "resource_abuse"
     POLICY_VIOLATION = "policy_violation"
     MALWARE = "malware"
+    HARMFUL_CONTENT = "harmful_content"
     # New threat categories
     SKILL_DISCOVERY_ABUSE = "skill_discovery_abuse"
     TRANSITIVE_TRUST_ABUSE = "transitive_trust_abuse"
@@ -61,7 +62,7 @@ class ThreatCategory(str, Enum):
 class SkillManifest:
     """Parsed YAML frontmatter from SKILL.md.
 
-    Supports Claude Skills, Codex Skills, and Cursor Agent Skills formats,
+    Supports Codex Skills and Cursor Agent Skills formats,
     which follow the Agent Skills specification. The format includes:
     - Required: name, description
     - Optional: license, compatibility, allowed-tools, metadata
@@ -82,7 +83,7 @@ class SkillManifest:
         if self.allowed_tools is None:
             self.allowed_tools = []
         elif isinstance(self.allowed_tools, str):
-            # Claude Code/Codex docs commonly show comma-separated tool lists in YAML frontmatter
+            # Agent skill docs commonly show comma-separated tool lists in YAML frontmatter
             # (e.g., "allowed-tools: Read, Grep, Glob"). Treat this as a list.
             parts = [p.strip() for p in self.allowed_tools.split(",")]
             self.allowed_tools = [p for p in parts if p]
@@ -118,10 +119,10 @@ class SkillFile:
 
 @dataclass
 class Skill:
-    """Represents a complete Claude Skill, Codex Skill, or Cursor Agent Skill package.
+    """Represents a complete Agent Skill package.
 
-    Supports the Agent Skills specification format used by Claude Skills,
-    OpenAI Codex Skills, and Cursor Agent Skills. The package structure includes:
+    Supports the Agent Skills specification format used by
+    OpenAI Codex Skills and Cursor Agent Skills. The package structure includes:
     - SKILL.md (required): Manifest and instructions
     - scripts/ (optional): Executable code
     - references/ (optional): Documentation files