Definition
A security technique that runs a suspicious AI 'skill' or plugin in an isolated test environment and watches what it actually does, instead of just scanning its code for known bad patterns. This catches malicious skills that are specifically designed to look harmless to static scanners but reveal harmful behavior only once executed.
Why it matters
Research shows attackers can already evade simple code-scanning of AI skill marketplaces, so enterprises adopting AI agent 'skills' need this runtime layer of defense, not just a one-time upload check.