SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
Summary
Researchers created SkillCloak, a tool that disguises malicious AI agent skills (small add-on packages that give coding agents new abilities) so they fool security scanners more than 90% of the time by rewriting suspicious code patterns or hiding payloads in directories scanners skip. Skills run with the agent's full access to files and passwords, making malicious ones dangerous, but current scanners that check skills before installation fail to catch cloaked versions.
Solution / Mitigation
The researchers propose SKILLDETONATE, a runtime checker that watches what a skill actually does at the operating-system level (what files it reads/writes, where it sends data) instead of analyzing how it looks. According to the source, this approach caught 97% of attacks with a 2% false-alarm rate on safe skills, and maintained effectiveness even when skills were cloaked, though it takes a couple of minutes per skill to run.
Classification
Affected Vendors
Related Issues
Original source: https://thehackernews.com/2026/07/new-skillcloak-technique-lets-malicious.html
First tracked: July 6, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 92%