SkillSec-Eval for Agent Skill Security

SkillSec-Eval for Agent Skill Security

SkillSec-Eval evaluates reusable LLM-agent skills across repository admission, semantic retrieval, planner selection, execution, and evolution.

TL;DR — SkillSec-Eval is a lifecycle-aware framework for evaluating reusable LLM-agent skills. The abstract says it builds a threat taxonomy over repository admission, semantic retrieval, planner selection, execution, and skill evolution, then evaluates 327 real-world skills. Its reported finding is qualitative: vulnerabilities arise at multiple lifecycle stages beyond execution.

Abstract-supported scope

The abstract frames reusable skills as a core unit for LLM agents: they let capabilities be “packaged, shared, and reused across diverse applications.” The paper’s contribution is SkillSec-Eval, a lifecycle-aware framework for evaluating the security of those reusable agent skills.

Fact supported by the abstract: the framework covers repository admission, semantic retrieval, planner selection, execution, and skill evolution.

Not supported by the abstract: specific attack implementations, defense mechanisms, operational controls, scoring rules, model choices, or vulnerability rates.


Full analysis, extracted claims, numerical results, entity graph, FAQ, related work, applications, and BibTeX are available via x402 micropayment.

What you get for 0.226 USDC

Agents: send Accept: application/json for a typed payload. Unauthenticated calls receive HTTP 402 with x402 v2 payment requirements.

Fetch full article (0.226 USDC)JSONFree metadataGET /api/public/article/skillsec-eval-for-agent-skill-security-713987/full

Questions this article answers

Full answers included in the paid body.