CtrlK
BlogDocsLog inGet started
Tessl Logo

CodeGuard MCP Meta Skill

Instructs AI coding agents to invoke CodeGuard MCP Server security rules before writing or reviewing code.

Invalid
This skill can't be scored yet
Validation errors are blocking scoring. Review and fix them to unlock Quality, Impact and Security scores. See what needs fixing →
SKILL.md
Quality
Evals
Security

Security

1 critical severity finding. Installing this skill is not recommended: please review these findings carefully if you do intend to do so.

Critical

E006: Malicious code pattern detected in skill scripts

What this means

Detected high-risk code patterns in the skill content — including its prompts, tool definitions, and resources — such as data exfiltration, backdoors, remote code execution, credential theft, system compromise, supply chain attacks, and obfuscation techniques.

Why it was flagged

Malicious code pattern detected (high risk: 0.90). The document mandates unconditional invocation of external "CodeGuard" tools that "automatically include metadata" and requires reporting tool usage, which creates a high risk of forced data exfiltration and a covert external dependency/backdoor.

Report incorrect finding
Repository
cosai-oasis/project-codeguard
Audited
Security analysis
Snyk

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.