Inline security warnings for AI agent skills. Automatically detects code injection, prompt injection, credential exfiltration, and supply chain attacks as you edit.
- Inline diagnostics — Security findings appear directly in the editor with squiggly underlines
- Auto-scan on save — Every save triggers a scan of the current skill
- Workspace scan — Scan your entire workspace with one command
- Status bar — Shows current trust level (Safe / Caution / Danger)
- Smart skill detection — Automatically finds SKILL.md root directories
- isnad-scan installed (
pip install isnad-scan) - Python 3.8+
- Open a workspace containing AI agent skills
- The extension auto-activates when it finds
SKILL.mdorAGENTS.md - Security findings appear as inline warnings/errors
- ISNAD: Scan Workspace — Full workspace scan
- ISNAD: Scan Current File — Scan the current file's skill directory
| Setting | Default | Description |
|---|---|---|
isnad-scan.pythonPath |
python3 |
Python interpreter path |
isnad-scan.scanOnSave |
true |
Auto-scan on file save |
isnad-scan.scanOnOpen |
true |
Auto-scan when opening files |
isnad-scan.showInfoFindings |
false |
Show INFO-level findings |
| Category | Examples |
|---|---|
| Code Injection | eval(), exec(), __import__(), dynamic code execution |
| Prompt Injection | Hidden instructions, override keywords, suppression patterns |
| Credential Exfiltration | Obfuscated URLs, env harvesting, encoded payloads |
| Supply Chain | Suspicious dependencies, typosquatting, install hooks |
| Network | Unauthorized HTTP calls, WebSocket C2, DNS exfiltration |
The extension runs isnad-scan --json on your skill directories and maps findings to VS Code diagnostics. Each finding includes:
- Severity — Error (DANGER), Warning (WARN), or Info
- Pattern ID — Machine-readable identifier (e.g.,
eval_usage,hidden_url_html) - Description — Human-readable explanation
- Line — Exact line number in the source file
- Match — The specific text that triggered the finding
| Level | Meaning |
|---|---|
| 🟢 SAFE | No issues found |
| 🟡 CAUTION | Minor issues, review recommended |
| 🔴 DANGER | Security issues detected — do not run this skill |
This extension is part of the ISNAD Protocol — the trust layer for AI agent skills.
- Report issues: counterspec/isnad-vscode
- Bounty program: isnad.md/bounties
MIT