Best AI Skills for Security & Privacy in 2026: 12 Compared

The Security & Privacy category was the most surprising one to rank. I went in expecting standard fare — SAST, secrets management, OWASP-checkers — and found instead that the top of the list is a meta-category: skills that vet OTHER skills before you install them. Five of the top 12 (Skill Vetter, SkillScan, Skill Scanner, Skill Vetting, skill-guard) are specifically about pre-install audits for Claude Code skills themselves. That tells you where the threat model has actually landed: the supply chain is the security problem, and the ecosystem is policing itself. We ranked all 167 security skills in the catalog and picked the top 12.

Quick Pick

Skill Vetter — runs a fast, opinionated red-flag scan on any skill before it touches your Claude Code installation. The skill ecosystem's first-line defense against supply-chain attacks, and the highest-installed security tool in the catalog by a wide margin (183K signal).

What These Skills Actually Do

Security & Privacy in AI-native development is structurally different from traditional appsec. The classic concerns are still here — auth, secrets, dependency vulnerabilities — but a new threat surface has emerged on top: the skills themselves are executable instructions that ship with permissions, and a malicious skill can do anything Claude Code can do. The category now covers four distinct sub-themes:

• Skill vetting (the new threat model) — pre-install red-flag scans, permission-scope audits, malware/exfiltration detection in skill manifests
• Code security (traditional appsec) — OWASP top 10, secrets scanning, auth flow review, input validation
• Runtime security — MITM proxies that log agent traffic, prompt-injection guards, antivirus-style policy enforcement
• Identity & access — 1password integration, decentralized agent identity (ERC-8004 attestations)

A great skill in this category encodes a specific threat model and the matching countermeasure. The mediocre ones list generic best practices an LLM already knows. Skim the descriptions below — the ones that name what they're scanning for (exfiltration, prompt injection, hardcoded secrets, CSP misconfigurations) are the ones doing real work.

How We Ranked

We sorted 12 candidate skills by a composite score:

• Popularity signal — the highest of GitHub stars, install count, or ClawHub download count. Log-scaled so a 100-star skill doesn't get buried under a 100,000-star one if the smaller one is meaningfully better.
• Quality score — when set, a 0–5 rubric that breaks ties within popularity tiers. Roughly 15% of catalog skills carry a quality score today; we surface it in the comparison table when available.

The formula is identical across the entire Best-Of 2026 series, so you can compare apples to apples between categories.

The Top 12

1. Skill Vetter

Skill · spclaudehome/skill-vetter · 183.0K signal · quality unrated Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.

The take: The "antivirus for skills" category just emerged this quarter, and Skill Vetter is the clear winner by install velocity. The mechanic is simple — point it at a skill before you install, get back a permission-scope summary and red-flag report. The reason it ranks so far above everything else: when supply-chain attacks finally start hitting Claude Code skills, the tools we install first are the meta-tools that protect everything we install after.

View source · Install

2. SkillScan

Skill · tokauthai/skillscan · 92.9K signal · quality unrated Security gate for skills. Every new skill MUST pass SkillScan before use. Activate on any install, load, add, evaluate, or safety question about a skill.

The take: Stricter than #1 — runs as a gate (every skill MUST pass) rather than an advisory scanner. Install this instead of Skill Vetter if you want enforcement rather than recommendations; install both if you want a layered policy.

View source · Install

3. Security Auditor

Skill · jgarrison929/security-auditor · 22.1K signal · quality unrated Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention.

The take: The most useful traditional-appsec skill in the catalog. Covers the OWASP top 10 with specific remediation patterns rather than vague guidance. The strongest fit when you've shipped an MVP fast and now need a structured walk-through before exposing it to real users — exactly the insecure-by-inexperience failure mode from the Founder's Playbook series.

View source · Install

4. 1password

Skill · steipete/1password · 21.4K signal · quality unrated Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

The take: The "stop committing .env files" skill. Wraps the 1Password CLI so Claude can fetch secrets at runtime instead of having them sit in plaintext on your machine. Adds maybe 200ms per command and removes one of the most embarrassing categories of public GitHub leak.

View source · Install

5. MoltGuard - Security & Antivirus & Guardrails

Skill · thomaslwang/moltguard · 21.2K signal · quality unrated OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and malicious skill behaviors.

The take: Runtime defense, not pre-install. Sits in the request loop and watches what Claude is actually doing — flags prompt-injection attempts, monitors for exfiltration patterns, blocks known-malicious behaviors. The complement to skill-vetting tools: vet beforehand, guard during.

View source · Install

6. Skill Vetter - Pre-Install Security Review

Skill · donovanpankratz-del/openclaw-skill-vetter · 18.6K signal · quality unrated Security vetting protocol before installing any AI agent skill. Red flag detection for credential theft, obfuscated code, exfiltration. Risk classification levels.

The take: Same idea as #1 with a more structured output — risk-level classification (Low/Medium/High/Critical) rather than a single red-flag list. Worth installing if your team needs to communicate risk tier to non-technical stakeholders ("this skill is High risk because X").

View source · Install

7. Skill Scanner

Skill · bvinci1-design/skill-scanner · 17.5K signal · quality unrated Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Detects data exfiltration, system modification attempts.

The take: Goes deeper than the manifest-level checks the others do — actually scans for malicious code patterns including crypto-miners (which have started showing up in skill ecosystems for the same reason they show up in npm). Heavier scan, more friction, catches more real threats. Use for high-stakes environments.

View source · Install

8. ClawSec

Skill · chrisochrisochriso-cmyk/clawsec · 13.8K signal · quality unrated Manage and operate ClawSec Monitor v3.0, a MITM HTTP/HTTPS proxy that logs AI agent traffic, detects exfiltration and injection threats in real time.

The take: The most aggressive option in the category — a real MITM proxy in front of the agent so you can see exactly what's leaving your machine. Operational overhead is real (certificate management, performance hit), but it's the only thing in this list that gives you forensic-grade visibility after an incident.

View source · Install

9. Skill Vetting

Skill · eddygk/skill-vetting · 13.7K signal · quality unrated Vet ClawHub skills for security and utility before installation. Evaluate third-party code, assess whether a skill is worth installing.

The take: The "is this useful AND safe" framing distinguishes it from the security-only scanners above. Mixes security review with capability review, which is what most installs actually need.

View source · Install

10. Verified Agent Identity

Skill · obrezhniev/verified-agent-identity · 13.0K signal · quality unrated Billions decentralized identity for agents. Link agents to human identities using Billions ERC-8004 and Attestation Registries.

The take: The "agent identity" frontier. ERC-8004 + attestation registries are a real attempt at solving "is this agent acting on behalf of who it claims to be." Niche right now, load-bearing if agent-to-agent commerce becomes a thing in 2027.

View source · Install

11. Security Audit Toolkit

Skill · gitgoodordietrying/security-audit-toolkit · 11.8K signal · quality unrated Audit codebases and infrastructure for security issues. Scan dependencies for vulnerabilities, detect hardcoded secrets, check OWASP top 10 issues, verify SSL/TLS, audit file permissions.

The take: Broader than #3 (Security Auditor) — extends past application code into infrastructure (SSL, file permissions, dependencies). Install this one when you've shipped to a real server and need to audit the whole runtime, not just the codebase.

View source · Install

12. skill-guard

Skill · jamesouttake/skill-guard · 10.2K signal · quality unrated Scan ClawHub skills for security vulnerabilities BEFORE installing. Detect prompt injections, malware payloads, hardcoded secrets, and other threats.

The take: Another entrant in the now-crowded skill-vetting space. Distinguishes itself by explicitly checking for prompt injections in skill instructions — a threat unique to AI agents that traditional malware scanners don't catch.

View source · Install

Comparison Table

FAQ

How is this list different from the category page on aiskill.market?

The category page is a directory: every skill in the category, sortable and filterable. This list is editorial — opinionated, time-stamped (2026-05-17), and ranked. Use the directory when you know what you want; use this when you don't.

Why does the #1 pick have fewer stars than #5?

Stars are one signal among several. The composite score above also includes install counts (which reflect actual usage on aiskill.market) and the optional quality score. A skill with a smaller star count can rank higher if its installs or quality score are strong enough to offset.

Are these all free?

Yes. Every skill in this top 12 is open source. The 1password integration assumes you already have a 1Password subscription, but the skill itself is free.

How do I install one?

Each linked skill page has install instructions. The fastest path is the one-line install via the aiskill.market CLI or by adding the source repo as a Claude Code plugin marketplace.

How often does this list update?

Quarterly. We re-run the generator script against the catalog every three months. The skill-vetting subcategory is currently the fastest-moving — expect ranking churn there.

Should I install a skill-vetter before I install anything else?

Yes, and meta: install the skill-vetter as your first skill, run it on itself if you want belt-and-suspenders, then use it to vet everything you install afterward. The bootstrapping problem (how do you vet the vetter?) is real but smaller than the alternative (vetting nothing).

Which one fights prompt injection?

MoltGuard (#5) for runtime defense, skill-guard (#12) for pre-install detection in skill manifests. They target different stages of the attack — manifest-time vs. runtime — and complement each other.

Related Categories

• Best AI Skills for DevOps & Deployment in 2026
• Best AI Skills for Development & Code Tools in 2026
• Solo Builders Have a Security Blindspot. Here's What It Costs. — companion essay on why solo builders especially need this category

Browse The Full Catalog

Find every skill in this category — including the ones that didn't make the top 12 — at the Security & Privacy page.

---

Part of the Best-Of 2026 series. Updated 2026-05-17. Skills sampled from a catalog of ~262 active entries with a combined 439.2K popularity signal across the ranked entries.