cisco-ai-skill-scanner 1.0.0__py3-none-any.whl

cisco_ai_skill_scanner-1.0.0.dist-info/METADATA

@@ -0,0 +1,253 @@
+Metadata-Version: 2.4
+Name: cisco-ai-skill-scanner
+Version: 1.0.0
+Summary: Security scanner for Claude Skills and Codex Skills packages - Detects prompt injection, data exfiltration, and malicious code
+Project-URL: Homepage, https://github.com/cisco-ai-defense/skill-scanner
+Project-URL: Documentation, https://github.com/cisco-ai-defense/skill-scanner#readme
+Project-URL: Repository, https://github.com/cisco-ai-defense/skill-scanner
+Project-URL: Issues, https://github.com/cisco-ai-defense/skill-scanner/issues
+Project-URL: Changelog, https://github.com/cisco-ai-defense/skill-scanner/releases
+Author: Cisco
+License: Apache-2.0
+License-File: LICENSE
+Keywords: ai-security,anthropic,claude,codex,llm-security,mcp,openai,prompt-injection,scanner,security,skills,static-analysis,threat-detection
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Topic :: Software Development :: Testing
+Classifier: Typing :: Typed
+Requires-Python: >=3.10
+Requires-Dist: anthropic>=0.40.0
+Requires-Dist: click>=8.1.0
+Requires-Dist: fastapi>=0.125.0
+Requires-Dist: google-genai>=0.2.0
+Requires-Dist: google-generativeai>=0.8.0
+Requires-Dist: httpx>=0.28.1
+Requires-Dist: litellm>=1.77.0
+Requires-Dist: openai>=1.0.0
+Requires-Dist: pydantic>=2.6.0
+Requires-Dist: python-dotenv>=1.0.0
+Requires-Dist: python-frontmatter>=1.0.0
+Requires-Dist: python-multipart>=0.0.6
+Requires-Dist: pyyaml>=6.0.1
+Requires-Dist: rich>=13.0.0
+Requires-Dist: tabulate>=0.9.0
+Requires-Dist: uvicorn[standard]>=0.29.0
+Requires-Dist: yara-python>=4.5.4
+Provides-Extra: all
+Requires-Dist: azure-identity>=1.15.0; extra == 'all'
+Requires-Dist: boto3>=1.28.57; extra == 'all'
+Requires-Dist: google-cloud-aiplatform>=1.38.0; extra == 'all'
+Provides-Extra: azure
+Requires-Dist: azure-identity>=1.15.0; extra == 'azure'
+Provides-Extra: bedrock
+Requires-Dist: boto3>=1.28.57; extra == 'bedrock'
+Provides-Extra: vertex
+Requires-Dist: google-cloud-aiplatform>=1.38.0; extra == 'vertex'
+Description-Content-Type: text/markdown
+
+# Skill Scanner
+
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
+[![PyPI version](https://img.shields.io/pypi/v/cisco-ai-skill-scanner.svg)](https://pypi.org/project/cisco-ai-skill-scanner/)
+[![CI](https://github.com/cisco-ai-defense/skill-scanner/actions/workflows/python-tests.yml/badge.svg)](https://github.com/cisco-ai-defense/skill-scanner/actions/workflows/python-tests.yml)
+[![Discord](https://img.shields.io/badge/Discord-Join%20Us-7289da?logo=discord&logoColor=white)](https://discord.com/invite/nKWtDcXxtx)
+[![Cisco AI Defense](https://img.shields.io/badge/Cisco-AI%20Defense-049fd9?logo=cisco&logoColor=white)](https://www.cisco.com/site/us/en/products/security/ai-defense/index.html)
+[![AI Security Framework](https://img.shields.io/badge/AI%20Security-Framework-orange)](https://learn-cloudsecurity.cisco.com/ai-security-framework)
+
+A security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns. Combines **pattern-based detection** (YAML + YARA), **LLM-as-a-judge**, and **behavioral dataflow analysis** for comprehensive threat detection.
+
+Supports [Anthropic Claude Skills](https://docs.anthropic.com/en/docs/agents-and-tools/claude-skills), [OpenAI Codex Skills](https://openai.github.io/codex/), and [Cursor Agent Skills](https://docs.cursor.com/context/rules) formats following the [Agent Skills specification](https://agentskills.io).
+
+---
+
+## Highlights
+
+- **Multi-Engine Detection** - Static analysis, behavioral dataflow, LLM semantic analysis, and cloud-based scanning
+- **False Positive Filtering** - Meta-analyzer achieves ~65% noise reduction while maintaining 100% threat detection
+- **CI/CD Ready** - SARIF output for GitHub Code Scanning, exit codes for build failures
+- **Extensible** - Plugin architecture for custom analyzers
+
+**[Join the Cisco AI Discord](https://discord.com/invite/nKWtDcXxtx)** to discuss, share feedback, or connect with the team.
+
+---
+
+## Documentation
+
+| Guide | Description |
+|-------|-------------|
+| [Quick Start](docs/quickstart.md) | Get started in 5 minutes |
+| [Architecture](docs/architecture.md) | System design and components |
+| [Threat Taxonomy](docs/threat-taxonomy.md) | Complete AITech threat taxonomy with examples |
+| [LLM Analyzer](docs/llm-analyzer.md) | LLM configuration and usage |
+| [Meta-Analyzer](docs/meta-analyzer.md) | False positive filtering and prioritization |
+| [Behavioral Analyzer](docs/behavioral-analyzer.md) | Dataflow analysis details |
+| [API Reference](docs/api-server.md) | REST API documentation |
+| [Development Guide](docs/developing.md) | Contributing and development setup |
+
+---
+
+## Installation
+
+**Prerequisites:** Python 3.10+ and [uv](https://docs.astral.sh/uv/) (recommended) or pip
+
+```bash
+# Using uv (recommended)
+uv pip install cisco-ai-skill-scanner
+
+# Using pip
+pip install cisco-ai-skill-scanner
+```
+
+<details>
+<summary><strong>Cloud Provider Extras</strong></summary>
+
+```bash
+# AWS Bedrock support
+pip install cisco-ai-skill-scanner[bedrock]
+
+# Google Vertex AI support
+pip install cisco-ai-skill-scanner[vertex]
+
+# Azure OpenAI support
+pip install cisco-ai-skill-scanner[azure]
+
+# All cloud providers
+pip install cisco-ai-skill-scanner[all]
+```
+
+</details>
+
+---
+
+## Quick Start
+
+### Environment Setup (Optional)
+
+```bash
+# For LLM analyzer and Meta-analyzer
+export SKILL_SCANNER_LLM_API_KEY="your_api_key"
+export SKILL_SCANNER_LLM_MODEL="claude-3-5-sonnet-20241022"
+
+# For VirusTotal binary scanning
+export VIRUSTOTAL_API_KEY="your_virustotal_api_key"
+
+# For Cisco AI Defense
+export AI_DEFENSE_API_KEY="your_aidefense_api_key"
+```
+
+### CLI Usage
+
+```bash
+# Scan a single skill (static analyzer only)
+skill-analyzer scan /path/to/skill
+
+# Scan with behavioral analyzer (dataflow analysis)
+skill-analyzer scan /path/to/skill --use-behavioral
+
+# Scan with all engines
+skill-analyzer scan /path/to/skill --use-behavioral --use-llm --use-aidefense
+
+# Scan with meta-analyzer for false positive filtering
+skill-analyzer scan /path/to/skill --use-llm --enable-meta
+
+# Scan multiple skills recursively
+skill-analyzer scan-all /path/to/skills --recursive --use-behavioral
+
+# CI/CD: Fail build if threats found
+skill-analyzer scan-all ./skills --fail-on-findings --format sarif --output results.sarif
+```
+
+### Python SDK
+
+```python
+from skillanalyzer import SkillScanner
+from skillanalyzer.core.analyzers import StaticAnalyzer, BehavioralAnalyzer
+
+# Create scanner with analyzers
+scanner = SkillScanner(analyzers=[
+    StaticAnalyzer(),
+    BehavioralAnalyzer(use_static_analysis=True),
+])
+
+# Scan a skill
+result = scanner.scan_skill("/path/to/skill")
+
+print(f"Safe: {result.is_safe}")
+print(f"Findings: {len(result.findings)}")
+```
+
+---
+
+## Security Analyzers
+
+| Analyzer | Detection Method | Scope | Requirements |
+|----------|------------------|-------|--------------|
+| **Static** | YAML + YARA patterns | All files | None |
+| **Behavioral** | AST dataflow analysis | Python files | None |
+| **LLM** | Semantic analysis | SKILL.md + scripts | API key |
+| **Meta** | False positive filtering | All findings | API key |
+| **VirusTotal** | Hash-based malware | Binary files | API key |
+| **AI Defense** | Cloud-based AI | Text content | API key |
+
+---
+
+## CLI Options
+
+| Option | Description |
+|--------|-------------|
+| `--use-behavioral` | Enable behavioral analyzer (dataflow analysis) |
+| `--use-llm` | Enable LLM analyzer (requires API key) |
+| `--use-virustotal` | Enable VirusTotal binary scanner |
+| `--use-aidefense` | Enable Cisco AI Defense analyzer |
+| `--enable-meta` | Enable meta-analyzer for false positive filtering |
+| `--format` | Output: `summary`, `json`, `markdown`, `table`, `sarif` |
+| `--output PATH` | Save report to file |
+| `--fail-on-findings` | Exit with error if HIGH/CRITICAL found |
+
+---
+
+## Example Output
+
+```
+$ skill-analyzer scan ./my-skill --use-behavioral
+
+============================================================
+Skill: my-skill
+============================================================
+Status: [OK] SAFE
+Max Severity: SAFE
+Total Findings: 0
+Scan Duration: 0.15s
+```
+
+---
+
+## Contributing
+
+We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
+
+## License
+
+Apache 2.0 - See [LICENSE](LICENSE) for details.
+
+Copyright 2026 Cisco Systems, Inc. and its affiliates
+
+---
+
+<p align="center">
+  <a href="https://github.com/cisco-ai-defense/skill-scanner">GitHub</a> •
+  <a href="https://discord.com/invite/nKWtDcXxtx">Discord</a> •
+  <a href="https://pypi.org/project/cisco-ai-skill-scanner/">PyPI</a>
+</p>

cisco_ai_skill_scanner-1.0.0.dist-info/RECORD

@@ -0,0 +1,100 @@
+skillanalyzer/__init__.py,sha256=raAwyMu06X3PXZ3YrxW9sUlZeG_UrDp4HIIUi6hN_zo,1318
+skillanalyzer/_version.py,sha256=vLA4ITz09S-S435nq6yTF6l3qiSz6w4euS1rOxXgd1M,704
+skillanalyzer/api/__init__.py,sha256=z7QSgt7lMZQ7eO9pAO-Iao6jEJQ6UPQissGfb_U4iXc,754
+skillanalyzer/api/api.py,sha256=2R8qpk_DbbhCChnvhzQCMH9FFq0xQDZLX-eMBy0wnbk,1038
+skillanalyzer/api/api_cli.py,sha256=VjxcFg-UFJJIWJMcH713tAKKEtIUB0dV66H2Yzd1mb8,2392
+skillanalyzer/api/api_server.py,sha256=XAU3QH5yz6BS3T4Tcl13yzz4x3VNK-v6KkidprepJy4,21142
+skillanalyzer/api/router.py,sha256=8c1DQI3f3xDvV7SYVSua000oGUu-Oi5YcrzofmRVYnQ,17421
+skillanalyzer/cli/__init__.py,sha256=17rrftCF-A1WQDiZ0kdBAfPHgG0ouED5wkdy-WvIRNA,763
+skillanalyzer/cli/cli.py,sha256=8ZGZXJ2ccc-93jZS3XOpZyLSAHwjkOai5TU5yG_jmfE,35511
+skillanalyzer/config/__init__.py,sha256=KQUqIL0lWI1hy_qu_EDt4EIcuW9a2ok2WVuQNViOf4g,847
+skillanalyzer/config/config.py,sha256=-7ymRfwypmBGyoOUWiSuwwRIr7Ztt8t6GcuGjm-9XKw,4714
+skillanalyzer/config/config_parser.py,sha256=XF8VwQqrBhzPuS4wf_AI-MAhlm9thgJnbIoncxIoIrs,3777
+skillanalyzer/config/constants.py,sha256=4Jck7kUtcHTIa9Hcwnbgk0lUqZvxarcdp6c86Xn4Xwk,2521
+skillanalyzer/core/__init__.py,sha256=issm88bGzNlQuFH5qy1tKzMgQbYL0ODSxsDgYjCMCKw,830
+skillanalyzer/core/exceptions.py,sha256=zWB8XubcfwEL0uZutuagr1l3rEd3w-5mB1ggNLnz6cE,2015
+skillanalyzer/core/loader.py,sha256=8pAr5nN0DLmf7Dc7xIFIT_okQ6w35RKGLyibNUDFbPU,13596
+skillanalyzer/core/models.py,sha256=ZMe9CaufG7yMzLwei1GdVidj72HlA16brVwkPGmervg,10627
+skillanalyzer/core/scanner.py,sha256=VfrG74SmFyslS3a5Z6HqSOou74u02TW1aos5Oj--_l4,14833
+skillanalyzer/core/analyzers/__init__.py,sha256=loTObGAXelxAiodtR0XzR6r1Ebw17BiuZZXN9TA3eJc,2136
+skillanalyzer/core/analyzers/aidefense_analyzer.py,sha256=al_j3HzfZIToI38WNOnqBG_AXfJEBd6QVm8_h_sjvA4,36471
+skillanalyzer/core/analyzers/base.py,sha256=4BN6dHLn2Q9hQMLAJTSJXsl6tZgfCqqBxZO9icuu70Q,1374
+skillanalyzer/core/analyzers/behavioral_analyzer.py,sha256=OcBs0abjmimbtLREkTbgQrarXvGfg18Fp8Z-Uas_gyI,19077
+skillanalyzer/core/analyzers/cross_skill_analyzer.py,sha256=4KysKr_2WR5-JbbFs0tBKf27Oj0l35KK0wREFNRcvno,18939
+skillanalyzer/core/analyzers/llm_analyzer.py,sha256=juvLmKn1n8HHOzkyizG94aPO-tz_ht-vexMmbGLZ3Mo,17836
+skillanalyzer/core/analyzers/llm_prompt_builder.py,sha256=DEz4tP0HY4p2XWbXbxfSIdkwhLCd_dWX7cDe9A3CeOA,10162
+skillanalyzer/core/analyzers/llm_provider_config.py,sha256=pbVx7N9OCohjIWjENMq-kiy6_svTn4IYvQfPxlR0M_Y,8488
+skillanalyzer/core/analyzers/llm_request_handler.py,sha256=nz_gjnDTr0dT2GbfQMqKR6-n63x38AcB5G4UnPHLY9s,11679
+skillanalyzer/core/analyzers/llm_response_parser.py,sha256=wO5ovd4se-KqIPwdZX-r0_tozaJEDUx7Q7yajKntPwk,2682
+skillanalyzer/core/analyzers/meta_analyzer.py,sha256=rFyU-BW7cmHDib93KIgdtsH5J7OIVT8Wc0Pnx87OPIE,33373
+skillanalyzer/core/analyzers/static.py,sha256=BNHmmZouX_8lbeJZlVC0P831-u9IPz9Gmft_05pI2pI,45259
+skillanalyzer/core/analyzers/trigger_analyzer.py,sha256=BJuu0nbI7BKS2aoqZnzYON825ObETsfJcIOiSxkagH4,12263
+skillanalyzer/core/analyzers/virustotal_analyzer.py,sha256=V7nG-fR2GhfdZhh8JVNvM6gOqRyUGsuxHN1yNRvmw6M,15988
+skillanalyzer/core/analyzers/behavioral/__init__.py,sha256=mY0aRrrT5y7E8SOApQ8g-IewW6LR33Y4SlsZKzl90qQ,1070
+skillanalyzer/core/analyzers/behavioral/alignment/__init__.py,sha256=nB2KWYnDu6I4yGiaewEyySzG4w96hElXiQBqJFfGmP4,1832
+skillanalyzer/core/analyzers/behavioral/alignment/alignment_llm_client.py,sha256=vklWQ7rBoyfayzs1n1J8xlCo3_nimEqCgDViCXwyOZM,8646
+skillanalyzer/core/analyzers/behavioral/alignment/alignment_orchestrator.py,sha256=zfkjFz-DDwUEOGDBpJ8cAZi5bH-VP_d_1bJTF1z0Si4,9478
+skillanalyzer/core/analyzers/behavioral/alignment/alignment_prompt_builder.py,sha256=mXkBYQDpPaqA298Jly835x_cLOUWHjSc8sBDhgMrWxs,18043
+skillanalyzer/core/analyzers/behavioral/alignment/alignment_response_validator.py,sha256=lu0gPPRbJkZJlkguqwUeSVl43HpMFypICXH_4s8Zjbo,4556
+skillanalyzer/core/analyzers/behavioral/alignment/threat_vulnerability_classifier.py,sha256=DCXnbs9Fa2ajFT0We4sOo6nxIk7O_Pc0z01fGMDHsRg,7227
+skillanalyzer/core/reporters/__init__.py,sha256=XCqeM_kiS1uvcwymDreueQ2KOzMhG5_4vQgxzReJS4w,943
+skillanalyzer/core/reporters/json_reporter.py,sha256=JLlPTbs8ncMJHAXZk7iBWCHdL5Qn2PqHOQldHeH2ZGE,1798
+skillanalyzer/core/reporters/markdown_reporter.py,sha256=1-pIwgXYBcCzqmKlxh2y2KU37TNRojqaTJ_CBSM_bSY,7842
+skillanalyzer/core/reporters/sarif_reporter.py,sha256=n5tGCXKwRJzEovlJt7j0USkmMYDsctLQdF9VIMbN95g,8285
+skillanalyzer/core/reporters/table_reporter.py,sha256=g-1W4XsJUzHW7LdzuW5CJ1krHAE5fvHViBKlw1ShFXI,7046
+skillanalyzer/core/rules/__init__.py,sha256=zGlTBVjihqxgg0BKmhdGkyeCzSvRjVEASjBh-M0sn_8,680
+skillanalyzer/core/rules/patterns.py,sha256=OuJ6mPlQVy9R8g1Pn9ozWIC8iWfDEuQamdDW5Uu8200,5833
+skillanalyzer/core/rules/yara_scanner.py,sha256=YBH9-GEqha0zDglnGx4TV-lgv14cLianuxaqlFtLyx4,5327
+skillanalyzer/core/static_analysis/__init__.py,sha256=meZnZQj7ChgHek6fIrfd-YInolXCqI37HTUTlQWEm7w,930
+skillanalyzer/core/static_analysis/context_extractor.py,sha256=ZaR5bIgfk1WQGU1G2or2vNsPQ3tmW5HU6mtyRemYdK0,29791
+skillanalyzer/core/static_analysis/cfg/__init__.py,sha256=jkvx12ZGddbRVu_0b04Bamr7JX084yD6BLxgOUEHT1w,816
+skillanalyzer/core/static_analysis/cfg/builder.py,sha256=Tm1GZ56rfOoNx-3WLmn2MNov2KzPKN-QZgJbBG-9D2c,14932
+skillanalyzer/core/static_analysis/dataflow/__init__.py,sha256=vjNUG8J5__m8HYd18VNkKxBzeAss1qugVrp0Amndg2w,834
+skillanalyzer/core/static_analysis/dataflow/forward_analysis.py,sha256=haHWJVz-SZxZpZoEwAsNOum-67ldppe_YBRMZOSJqz0,30747
+skillanalyzer/core/static_analysis/interprocedural/__init__.py,sha256=dFIglo65HpWMJ80ejB4tjv54MaNeSymQ5eowD5QGZic,798
+skillanalyzer/core/static_analysis/interprocedural/call_graph_analyzer.py,sha256=NKpixV-wlK_lwnSgLY5Tw01pAoC2kl7R6U4_PWnKicE,14062
+skillanalyzer/core/static_analysis/interprocedural/cross_file_analyzer.py,sha256=neP8pdyGhCUHJQmmTXfm0X_CFHlTHh7e3RU7HVJ0UVY,7472
+skillanalyzer/core/static_analysis/parser/__init__.py,sha256=AXCg1HHVzyjswGJl4TNFhzwMKxgin8JY2EK00RVv9_Y,769
+skillanalyzer/core/static_analysis/parser/python_parser.py,sha256=lkJKSODZkSC-Vg30eSpli_jsFeIouKt-DsSeEgce1u4,13804
+skillanalyzer/core/static_analysis/semantic/__init__.py,sha256=7HS7lJ4APpyfWLTUQ_24aJkrLX2MQTcc4erYFtLKm3o,877
+skillanalyzer/core/static_analysis/semantic/name_resolver.py,sha256=TEJQkEaTvkL7dnAZwNbcLALPVw85Qc3FS5jfr4CYEsQ,6218
+skillanalyzer/core/static_analysis/semantic/type_analyzer.py,sha256=NXEOZO8-vYZ97SQJ5Gu_YLWFDMDhtvtuixVwYGarmDM,5942
+skillanalyzer/core/static_analysis/taint/__init__.py,sha256=71JejlK110K2r3LXNIJOLGCZ7I5Q7cEn8XvfCCoEexA,809
+skillanalyzer/core/static_analysis/taint/tracker.py,sha256=1WExA8NAV62X5Az64grI41LkkyMNQ7kFS8Mzf6Id1NI,7182
+skillanalyzer/core/static_analysis/types/__init__.py,sha256=XluM6BlZ8ECfdAD-231ONJn13UeDdAGmirPAVc0zePk,937
+skillanalyzer/data/__init__.py,sha256=WztWQdxkW4nkIejCTH4VH7l6mGU-p2JuEzEUFsj3z_4,977
+skillanalyzer/data/prompts/boilerplate_protection_rule_prompt.md,sha256=wCaDgae0LU7Flsd2Q4Ob4vEeZnpc29nfX4oJjBrE-WM,1468
+skillanalyzer/data/prompts/code_alignment_threat_analysis_prompt.md,sha256=mvSoW2OekXEz9lChZPaP4hUxVQ0-O57X3VI49ZrZqoY,25442
+skillanalyzer/data/prompts/llm_response_schema.json,sha256=nBPlsOtuqv0zwIns4YY7uZsaAM0uPZ7mkcqe8tNDHl8,2971
+skillanalyzer/data/prompts/skill_meta_analysis_prompt.md,sha256=O6vUsmCoqDvsd8j8ZbCCzYDdKYZd_UtXgRUJU4xaT4g,13924
+skillanalyzer/data/prompts/skill_threat_analysis_prompt.md,sha256=SLSlPbQ_7ASyivbQFnu_MKXJkTx1CMpudb4x5_mykY0,11651
+skillanalyzer/data/prompts/unified_response_schema.md,sha256=JzUGSRmF9J0cMcOWy05GGPWyGyYGkto4VPaXL59FWgM,3572
+skillanalyzer/data/rules/signatures.yaml,sha256=EMNH1JU5PRU0o8BZai_WzjNXX3UDlv3Gle2SpNt-hb8,16476
+skillanalyzer/data/yara_rules/autonomy_abuse.yara,sha256=MuS_YbczaPY4e58dvtaa4nQx6pdcklNjOWtkdo5YLew,2582
+skillanalyzer/data/yara_rules/code_execution.yara,sha256=9QP_JR8ZdLCPuDgJMLee6FgsIQPV5UNSBPnOcInHD1M,1898
+skillanalyzer/data/yara_rules/coercive_injection.yara,sha256=3QNzoiHDyhk1zUXHv7_COtCBSsr-bb--H4wKeNRCbBM,5359
+skillanalyzer/data/yara_rules/command_injection.yara,sha256=8I4mztCPgIZhAipr6GeZbEIi4v6kowVYrqw_ay1ny-w,2165
+skillanalyzer/data/yara_rules/credential_harvesting.yara,sha256=7W0pSKpW2KAmek1qP_DpjMHKuswv5L36tWusjuEl6Pc,5643
+skillanalyzer/data/yara_rules/prompt_injection.yara,sha256=q5tT7-L__x9RCjdAbFLcs9mSs8gZOmPPzjbdNKRwIHE,2715
+skillanalyzer/data/yara_rules/script_injection.yara,sha256=pzVPd7b9WNAS5iw8ZMoUgojKSBlEeSTLHLBho8UiMmA,3100
+skillanalyzer/data/yara_rules/skill_discovery_abuse.yara,sha256=gCgFcdFyLFU__7VPZIk8Hgp6ZMw31SPzDUPlpjNa69E,2453
+skillanalyzer/data/yara_rules/sql_injection.yara,sha256=pWq3ccqEvQtWz4fU8dQOkhCgVl6US9SZJDfuBU_YCY4,3691
+skillanalyzer/data/yara_rules/system_manipulation.yara,sha256=XoO17sZrarzdC58yyHaIz8z36x5xyxzmQXBnkYdoYfM,2231
+skillanalyzer/data/yara_rules/tool_chaining_abuse.yara,sha256=T-G3Tib8lU53ZYFdjlI2EEs6qQnZ831oUDNj2vjtONA,2256
+skillanalyzer/data/yara_rules/transitive_trust_abuse.yara,sha256=msYKqzbeFWe4mSLsdX8nJwOwuTV9nLFKDf8dXY2wJ8g,2773
+skillanalyzer/data/yara_rules/unicode_steganography.yara,sha256=5UxTvcy8CeWJLrPeldgJ9rY5gfODlC9bTNOkCauuOJA,2650
+skillanalyzer/hooks/__init__.py,sha256=ufSIo7sdtGxRD4lVDOVqBOqF3dhgEZRSkTu-UT5ZkcA,740
+skillanalyzer/hooks/pre_commit.py,sha256=y-9lz4OD2ILlYpbUa8S1uUjBfNDmU8EC-tWyUGU5NY8,13223
+skillanalyzer/threats/__init__.py,sha256=PiQ3frPbbaiKmdcxsan-NAgYDOYn_jhr-44-jSIysoY,883
+skillanalyzer/threats/threats.py,sha256=egFsT1crNlWQH3szG8yYIURMXXGh7GJnH3wI8w05nfI,21449
+skillanalyzer/utils/__init__.py,sha256=KnfUi433fGDKwck57kob4vuA8upzwSC-Na6OHrZ2uDc,907
+skillanalyzer/utils/command_utils.py,sha256=dTjN3Uzpk3dw5u7jbbOKO0j5FwmjYqcKlpr0vDA_1y4,4292
+skillanalyzer/utils/di_container.py,sha256=0wsQaVFkVLzORVEoMpSoZK_wOJrKTCAkTFkeEuTPzos,4586
+skillanalyzer/utils/file_utils.py,sha256=LT2xwrbqIWaYC-BYAL9zpF6a2xk6QNUVzItvGGJcBn8,2043
+skillanalyzer/utils/logging_config.py,sha256=wJ3HUNmGECgWE9jwz-SSuUMN-xTde6ybF4Yqa8Qrix4,2940
+skillanalyzer/utils/logging_utils.py,sha256=CLdOYmQdJejiLbcECTT2CbDU27PJ327AFMmeuVfCy94,1902
+cisco_ai_skill_scanner-1.0.0.dist-info/METADATA,sha256=oh3eKpG8h_pfWcIDdV4z6aAM38Yz-Pv1ZybReEqhYys,9290
+cisco_ai_skill_scanner-1.0.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+cisco_ai_skill_scanner-1.0.0.dist-info/entry_points.txt,sha256=IQSseT8ZcU7aaqYdl20wC1-TqKlklZR2Nw609NBQARw,175
+cisco_ai_skill_scanner-1.0.0.dist-info/licenses/LICENSE,sha256=b4va5sK_CWxpeDnOO2MF0MKqsiwU-3YblMmWKnmuWZg,653
+cisco_ai_skill_scanner-1.0.0.dist-info/RECORD,,

cisco_ai_skill_scanner-1.0.0.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.28.0
+Root-Is-Purelib: true
+Tag: py3-none-any

cisco_ai_skill_scanner-1.0.0.dist-info/entry_points.txt

@@ -0,0 +1,4 @@
+[console_scripts]
+skill-scanner = skillanalyzer.cli.cli:main
+skill-scanner-api = skillanalyzer.api.api_cli:main
+skill-scanner-pre-commit = skillanalyzer.hooks.pre_commit:main

cisco_ai_skill_scanner-1.0.0.dist-info/licenses/LICENSE

@@ -0,0 +1,17 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+Copyright 2026 Cisco Systems, Inc. and its affiliates
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

skillanalyzer/__init__.py

@@ -0,0 +1,45 @@
+# Copyright 2026 Cisco Systems, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""
+Claude Skill Analyzer - Security scanner for Claude Skills packages.
+"""
+
+__version__ = "0.2.0"
+__author__ = "Cisco Systems, Inc."
+
+# Core exports
+from .config.config import Config
+from .config.constants import SkillAnalyzerConstants
+from .core.loader import SkillLoader, load_skill
+from .core.models import Finding, Report, ScanResult, Severity, Skill, ThreatCategory
+from .core.scanner import SkillScanner, scan_directory, scan_skill
+
+__all__ = [
+    "SkillScanner",
+    "scan_skill",
+    "scan_directory",
+    "Skill",
+    "Finding",
+    "ScanResult",
+    "Report",
+    "Severity",
+    "ThreatCategory",
+    "SkillLoader",
+    "load_skill",
+    "Config",
+    "SkillAnalyzerConstants",
+]

skillanalyzer/_version.py

@@ -0,0 +1,34 @@
+# file generated by setuptools-scm
+# don't change, don't track in version control
+
+__all__ = [
+    "__version__",
+    "__version_tuple__",
+    "version",
+    "version_tuple",
+    "__commit_id__",
+    "commit_id",
+]
+
+TYPE_CHECKING = False
+if TYPE_CHECKING:
+    from typing import Tuple
+    from typing import Union
+
+    VERSION_TUPLE = Tuple[Union[int, str], ...]
+    COMMIT_ID = Union[str, None]
+else:
+    VERSION_TUPLE = object
+    COMMIT_ID = object
+
+version: str
+__version__: str
+__version_tuple__: VERSION_TUPLE
+version_tuple: VERSION_TUPLE
+commit_id: COMMIT_ID
+__commit_id__: COMMIT_ID
+
+__version__ = version = '1.0.0'
+__version_tuple__ = version_tuple = (1, 0, 0)
+
+__commit_id__ = commit_id = None

skillanalyzer/api/__init__.py

@@ -0,0 +1,25 @@
+# Copyright 2026 Cisco Systems, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""
+REST API server for Claude Skill Analyzer.
+
+Matches MCP Scanner's API structure.
+"""
+
+from .api import app
+
+__all__ = ["app"]

skillanalyzer/api/api.py

@@ -0,0 +1,34 @@
+# Copyright 2026 Cisco Systems, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""API module for Skill Analyzer.
+
+This module provides a FastAPI application for scanning Claude Skills packages.
+"""
+
+from fastapi import FastAPI
+
+from .router import router as api_router
+
+app = FastAPI(
+    title="Claude Skill Analyzer API",
+    description="Security scanning API for Claude Skills packages",
+    version="0.2.0",
+    docs_url="/docs",
+    redoc_url="/redoc",
+)
+
+app.include_router(api_router)

skillanalyzer/api/api_cli.py

@@ -0,0 +1,78 @@
+# Copyright 2026 Cisco Systems, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""
+CLI for running the API server.
+"""
+
+import argparse
+import sys
+
+
+def main():
+    """Main entry point for API server CLI."""
+    parser = argparse.ArgumentParser(
+        description="Claude Skill Analyzer API Server",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+        epilog="""
+Examples:
+  # Start server on default port
+  skill-analyzer-api
+
+  # Start on custom port
+  skill-analyzer-api --port 8080
+
+  # Start with auto-reload for development
+  skill-analyzer-api --reload
+
+  # Custom host and port
+  skill-analyzer-api --host 0.0.0.0 --port 9000
+        """,
+    )
+
+    parser.add_argument("--host", default="0.0.0.0", help="Host to bind to (default: 0.0.0.0)")
+
+    parser.add_argument("--port", type=int, default=8000, help="Port to bind to (default: 8000)")
+
+    parser.add_argument("--reload", action="store_true", help="Enable auto-reload for development")
+
+    args = parser.parse_args()
+
+    try:
+        import uvicorn
+    except ImportError:
+        print("Error: API server dependencies not installed.", file=sys.stderr)
+        print("Install with: pip install fastapi uvicorn python-multipart", file=sys.stderr)
+        return 1
+
+    print("Starting Claude Skill Analyzer API Server...")
+    print(f"Server: http://{args.host}:{args.port}")
+    print(f"Docs: http://{args.host}:{args.port}/docs")
+    print(f"Health: http://{args.host}:{args.port}/health")
+    print()
+
+    try:
+        uvicorn.run("skillanalyzer.api.api:app", host=args.host, port=args.port, reload=args.reload)
+    except KeyboardInterrupt:
+        print("\nShutting down server...")
+        return 0
+    except Exception:
+        print("Error: Could not start API server", file=sys.stderr)
+        return 1
+
+
+if __name__ == "__main__":
+    sys.exit(main())