Solutions  ·  2026-07-10

SkillCloak / SkillDetonate — Scanner Evasion and Dynamic Behavioral Detection for Malicious AI Agent Skills

SolutionsHigh impactGlobal
HKUST researchers published 'Cloak and Detonate' (arXiv, disclosed July 6, 2026), showing SkillCloak evades all 8 evaluated static agent-skill scanners over 90% of the time via self-extracting packing, and introducing SkillDetonate, a sandboxed runtime behavioral-auditing system that detects 97% of attacks (2% false-positive rate) and 87% on real-world malicious skills targeting Claude Code and OpenAI Codex.
Demonstrates static scanning of AI agent skill marketplaces (ClawHub etc.) is fundamentally insufficient, pushing the industry toward runtime/behavioral detonation as a required control for the emerging agent-skill supply chain.
Teams operating or securing AI agent skill/plugin marketplaces (Claude Code, Codex, similar) should evaluate behavioral sandboxing controls rather than relying solely on static scanners.
The Hacker NewsarXiv
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →