Security and Governance

New: Security scores powered by Snyk

Govern what your AI agents know and do

Find, install, version, and evaluate the skills and context your coding agents rely on, so they behave consistently across tools and projects.

Request a demo Run a free security scan

Skill activations

Skill activations across the org each week.

1,251

9 Mar

16 Mar

132

23 Mar

109

30 Mar

188

6 Apr

247

13 Apr

211

20 Apr

286

Plugin installs

New plugin installations each week.

155

9 Mar

16 Mar

23 Mar

30 Mar

6 Apr

13 Apr

20 Apr

Eval runs

Evals executed each week.

431

9 Mar

16 Mar

23 Mar

30 Mar

6 Apr

13 Apr

20 Apr

Policy violations

Policy events that triggered a block or want

9 Mar

16 Mar

23 Mar

30 Mar

6 Apr

13 Apr

20 Apr

Trusted by engineering teams at

AI agents introduced a new attack surface. Most teams have no playbook.

Skills are installed with no visibility, execute with full trust, and a malicious or misconfigured skill won't announce itself. Tessl is the control plane for agent skills. Every skill that enters your environment is scanned, scored, and governed, before it touches production.

No Visibility

Teams can't detect threats they can't see. Skills run across dev environments with no record of what's installed, who approved it, or what version is active.

Automated Governance

Encode security standards as skills. Mandate them across the org automatically, apply them at every PR, and improve them with a continuous eval loop.

No Controls

Agents don't sandbox skills. They execute them. Without policy gating, one bad instruction can become a full credential exfiltration.

Secure Consumption

Every skill in the Tessl registry is security-scanned and scored before installation. Gate by source, severity, and version with org-level policy.

No Enforcement

Security standards live in wikis. As agents act autonomously, the gap between policy and what actually runs keeps growing.

Full Visibility

Know what every agent is running, who approved it, and when. Skill inventory, admin audit logs, and analytics surfaced to org administrators.

SECURE CONSUMPTION

Scanned, scored, and ready before installation

A malicious skill doesn't look different from a legitimate one. Every skill in the Tessl registry is automatically audited before it reaches your environment, so you have a verified security signal at installation, not a forensics problem after the fact.

Security badge and automated audit on every registry skill
Private registries for org-scoped skill distribution
Install & publish policy gating by source, severity, and version

VISIBILITY

Always know what your agents are running, and why

You can't govern what you can't see. Tessl surfaces complete skill inventory across your development environment, paired with admin audit logs that track every install, block, and approval decision.

Full skill inventory scoped to Tessl-managed agents
Admin audit logs with actor, timestamp, and policy context
Analytics and reporting for org administrators
SIEM export for security team integration

GOVERNANCE

Security standards that agents actually follow

Define your security policies, coding standards, and safety boundaries once, as a skill, and Tessl enforces them automatically: during development, at code review, and across agentic flows in your org.

Encode security standards into skills agents apply automatically
Tessl-powered code review checks against your policies
Mandated skills pushed automatically, no manual install
Policy-driven PR enforcement with eval feedback loop

Why skills need their own security model

“The agent ecosystem is where open source was fifteen years ago — rapid innovation with very little security infrastructure, but agent skills introduce a new challenge: they shape autonomous behavior through natural language, meaning we need models that understand intent. What we're doing by integrating Snyk directly into the Tessl Registry is establishing those vital trust signals early. We're ensuring the agent ecosystem grows with security built in, not bolted on afterward.”