What happened
OWASP has stood up a new project page, 'Agentic Skills Top 10,' cataloguing ten security risks specific to AI agent 'skills' (installable capability modules such as Claude/ClawHub SKILL.md packages). The entries named so far include AST01 Malicious Skills, AST02 Supply Chain Compromise, AST03 Over-Privileged Skills, AST04 Insecure Metadata, AST05 Untrusted External Instructions, and AST07 Update Drift. The page content is marked 'Last updated: June 2026,' and third-party vendors (e.g., Fortinet's FortiCNAPP Code Security) were already mapping detection rules to the taxonomy as of early July 2026, indicating recent and active publication.
Why it matters
Agent 'skills' are markdown-defined capability packages with low publication barriers and no code signing or sandboxing by default, which makes them an emerging and largely ungoverned supply-chain vector for agentic AI. A dedicated OWASP taxonomy gives security teams and tool vendors a shared reference for scanning, review, and incident classification specific to this attack surface, distinct from the broader OWASP Top 10 for Agentic Applications.
Action needed
AI/agent security teams building or consuming agent 'skills' (e.g., Claude Skills, ClawHub packages) should map their skill review and scanning controls to AST01–AST10, and vendors offering agent supply-chain scanning should track the taxonomy when making coverage claims.