{"id":21756,"date":"2026-06-16T18:05:00","date_gmt":"2026-06-16T16:05:00","guid":{"rendered":"http:\/\/stocks-future.com\/?guid=34b64cc70bd11cb23530f3f620b8d7cc"},"modified":"2026-06-16T18:05:00","modified_gmt":"2026-06-16T16:05:00","slug":"mitiga-labs-launches-skillgate-to-detect-risks-in-ai-agent-skills-and-configurations","status":"publish","type":"post","link":"https:\/\/stocks-future.com\/?p=21756","title":{"rendered":"Mitiga Labs Launches Skillgate to Detect Risks in AI Agent Skills and Configurations"},"content":{"rendered":"<p>\n<i>The free scanner detects, flags, and scores attack techniques hidden in AI agent skills, hooks, and configuration files before an agent acts on them<\/i><\/p><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260616300917\/en\/2832429\/4\/Black_Full_Logo.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260616300917\/en\/2832429\/22\/Black_Full_Logo.jpg\" \/><\/a><br\/><a href=\"https:\/\/mms.businesswire.com\/media\/20260616300917\/en\/2832429\/4\/Black_Full_Logo.jpg\"><img src=\"https:\/\/mms.businesswire.com\/media\/20260616300917\/en\/2832429\/21\/Black_Full_Logo.jpg\" \/><\/a><p>NEW YORK--(BUSINESS WIRE)--Mitiga, the leader in agentic runtime security for cloud, SaaS, and AI, today announced the release of <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fskillgate.mitiga.io%2F&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=Skillgate&amp;index=1&amp;md5=ac863854e929aed244cce6df6b75344e\" rel=\"nofollow\" shape=\"rect\">Skillgate<\/a>, a free tool from <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.mitiga.io%2Fmitiga-labs&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=Mitiga+Labs&amp;index=2&amp;md5=f08d5433ebb1e756e8fdac694e2bb8cc\" rel=\"nofollow\" shape=\"rect\">Mitiga Labs<\/a> that scans the configuration files AI agents rely on \u2013 including skills, hooks, agent rules, MCP server configurations, and instruction files such as CLAUDE.md and AGENTS.md. Skillgate detects, flags, and scores them for prompt injection, hook remote code execution (RCE), credential exfiltration, and other attack techniques. Skillgate is available now at <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fskillgate.mitiga.ai%2F&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=skillgate.mitiga.ai&amp;index=3&amp;md5=8e80e5432a08057f04450ec76aa6b30c\" rel=\"nofollow\" shape=\"rect\">skillgate.mitiga.ai<\/a>.<\/p><p>\nAI agents and skills increasingly incorporate third-party instructions, not just prompts. Developers can install a skill from a marketplace with a single click, enabling an agent to read files, call APIs, and open pull requests \u2013 often without human oversight. Yet few users inspect those files before installation, creating a supply chain risk reminiscent of the software ecosystems the industry has spent years securing.<\/p><p>\nMitiga Labs has documented these risks in its \u201c<a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.mitiga.io%2Fblog%2Fai-agent-supply-chain-risk-silent-codebase-exfiltration-via-skills&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=License+to+Skill&amp;index=4&amp;md5=3be8190636cc444ff070d2504e57cc04\" rel=\"nofollow\" shape=\"rect\">License to Skill<\/a>\u201d series of research. In one case, a seemingly benign testing skill silently pushed an entire codebase to an attacker-controlled repository without user prompts and with no audit log. In another, a hook configured to run at the start of every agent session executed a hidden script that shipped local credentials to an attacker. Poisoned skills spread through blogs and public marketplaces much like poisoned packages spread through open-source registries.<\/p><p>\nThese cases come out of a six-month <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=http%3A%2F%2Fwww.mitiga.io%2Fblog%2Fmalware-in-ai-instruction-files-skillgate&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=Mitiga+Labs+study&amp;index=5&amp;md5=3f966df6bca96003d3d315e6e4d2a9c1\" rel=\"nofollow\" shape=\"rect\">Mitiga Labs study<\/a> of more than 50,000 AI instruction files across 7,000+ public repositories (April\u2013June 2026). At that scale, the team found attacker-controlled <code>ANTHROPIC_BASE_URL<\/code> overrides rerouting Claude traffic through third-party proxies, and more than 1,230 API keys and tokens left hardcoded across agent and MCP server configurations. Mitiga Labs is also tracking a live prompt-exfiltration technique that turns the agent itself into a keylogger for a developer's prompts, with a full report to follow.<\/p><p class=\"bwmarginl1\">\n<i>People install skills the way we used to double-click email attachments \u2013 quickly and without looking inside. A skill, hook, or CLAUDE.md file contains instructions that an agent will execute automatically. Skillgate helps users understand what\u2019s actually in those files and assess the risk before an agent loads them. We made it free because every team experimenting with agentic AI faces this challenge today.<\/i><\/p><p class=\"bwmarginl1\">\n\u2014 Idan Cohen, Cloud Security Researcher, Mitiga<\/p><p>\n<b>How Skillgate Works<\/b><\/p><p>\nUsers can paste a public GitHub repository URL into Skillgate, which pins the scan to a specific commit. It reads the file with signature and Abstract Syntax Tree (AST) analysis, plus an LLM-as-judge step, and maps each finding to a known attack technique. No code is executed during the process.<\/p><p>\nThe resulting report provides a risk score out of 100 and a verdict \u2013 Clean, Risky, Suspicious, or Dangerous \u2013 along with an explanation of the score, findings grouped by severity, and fixes for each detection. Individual files can be scanned in seconds, while full repository scans typically complete within minutes.<\/p><p>\nSkillgate applies more than 80 detection rules across 6 technique families, including direct execution, prompt manipulation, tool and MCP poisoning, supply chain, obfuscation, and credential exposure. Findings are mapped to both the OWASP Agentic AI Top 10 and MITRE ATT&amp;CK and ATLAS frameworks.<\/p><p>\nSkillgate is designed to cover the full agent-configuration surface, including SKILL.md, hooks, CLAUDE.md, Cursor, Continue, and Cline rules, MCP tool descriptions, and settings files. It also supports bulk-URL submission for repository-wide analysis.<\/p><p class=\"bwmarginl1\">\n<i>AI agents and skills are now wired into cloud, SaaS, and developer pipelines, yet they incorporate third-party instructions most teams never review. Skillgate gives the community a practical safety net so they can use the wealth of publicly available skills they find with increased confidence. It\u2019s exactly the kind of research-driven tool Mitiga Labs was created to build.<\/i><\/p><p class=\"bwmarginl1\">\n\u2014 Ofer Maor, Co-Founder and Chief Technology Officer, Mitiga<\/p><p>\n<b>Availability<\/b><\/p><p>\nSkillgate is free and available now at skillgate.mitiga.ai. Browsing public scans is anonymous, while submitting a skill or repository for analysis requires a free account.<\/p><p>\n<b>About Mitiga Labs<\/b><\/p><p>\nMitiga Labs is Mitiga\u2019s research division, formalizing years of work investigating emerging cloud, SaaS, AI, and identity threats. Skillgate is productized research from the Labs\u2019 <a  href=\"https:\/\/cts.businesswire.com\/ct\/CT?id=smartlink&amp;url=https%3A%2F%2Fwww.mitiga.io%2Fblog%2Fai-agent-supply-chain-risk-silent-codebase-exfiltration-via-skills&amp;esheet=54554521&amp;newsitemid=20260616300917&amp;lan=en-US&amp;anchor=%26%238220%3BLicense+to+Skill%26%238221%3B&amp;index=6&amp;md5=17a311a06e32b80c317f715b432b5a6a\" rel=\"nofollow\" shape=\"rect\">\u201cLicense to Skill\u201d<\/a> series on AI agent supply-chain attacks.<\/p><p>\n<b>About Mitiga<\/b><\/p><p>\nMitiga takes cyber resilience from idea to reality by providing a critical safety net for cyber defenders operating across today\u2019s expanding cloud and AI attack surface. Built for the reality that attacks are inevitable, Mitiga\u2019s Agentic Runtime Security for cloud, SaaS, and AI catches attacks from anomalies and threat intelligence, and contains them before they cause business impact.<\/p><p>\nDelivered through Zero-Impact cloud detection and response powered by Helios AIDR, Mitiga tracks activity as it happens, decodes it into a clear attack timeline, and stops active threats before they become headlines. In a world where attackers no longer break in but log in, Mitiga keeps organizations in control.<\/p><p>\nLet them come.<\/p><br\/> <b>Contacts<\/b> <br\/><p>\n<b>Media Contact<\/b><br\/>5WPR \u2014 <b><a  href=\"mailto:mitiga@5wpr.com\" rel=\"nofollow\" shape=\"rect\">mitiga@5wpr.com<\/a><\/b> \u2014 212-999-5585<\/p>","protected":false},"excerpt":{"rendered":"<p>The free scanner detects, flags, and scores attack techniques hidden in AI agent skills, hooks, and configuration files before an agent acts on themNEW YORK&#8211;(BUSINESS WIRE)&#8211;Mitiga, the leader in agentic runtime security for cloud, SaaS, and AI, toda&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-21756","post","type-post","status-publish","format-standard","hentry","category-infos-businesswire"],"_links":{"self":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/21756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=21756"}],"version-history":[{"count":1,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/21756\/revisions"}],"predecessor-version":[{"id":21757,"href":"https:\/\/stocks-future.com\/index.php?rest_route=\/wp\/v2\/posts\/21756\/revisions\/21757"}],"wp:attachment":[{"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=21756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=21756"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stocks-future.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=21756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}